reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reurl.cc/MRLnD
Effective URL:
https://reurl.cc/MRLnD
Submission: On April 15 via manual (April 15th 2023, 8:02:53 am UTC) from GB — Scanned from GB

Summary HTTP 349 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 34 domains to perform 349 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 253294.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
28	18.65.39.127 18.65.39.127	16509 (AMAZON-02) (AMAZON-02)
34	2600:9000:223... 2600:9000:223c:4800:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
33	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	52.69.218.118 52.69.218.118	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.227.194.51 35.227.194.51	15169 (GOOGLE) (GOOGLE)
1	192.0.78.244 192.0.78.244	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:fc04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.185.136.122 35.185.136.122	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	52.194.43.130 52.194.43.130	16509 (AMAZON-02) (AMAZON-02)
1	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
3 10	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
10	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
7	54.238.32.19 54.238.32.19	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:225... 2600:9000:2250:a800:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8 16	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
8 8	172.105.221.240 172.105.221.240	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2 6	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
4 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
4	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	35.227.249.156 35.227.249.156	() ()
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.230 142.250.185.230	() ()
3	2a00:1450:400... 2a00:1450:4001:813::2002	() ()
1	210.59.219.38 210.59.219.38	() ()
1	2a00:1450:400... 2a00:1450:4001:812::2006	() ()
1	23.35.237.151 23.35.237.151	() ()
349	57

7 35.185.130.121 (Taipei, Taiwan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 18.65.39.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-127.ams1.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2600:9000:223c:4800:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.59.219.180 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-180.hinet-ip.hinet.net

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.69.218.118 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-218-118.ap-northeast-1.compute.amazonaws.com

referer-log.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.194.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.194.227.35.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.194.43.130 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.76.93 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 210.59.219.181 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-181.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (Wilmington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.238.32.19 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-32-19.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2250:a800:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.190.36.98 (Kansas City, United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.105.221.240 (Tokyo, Japan) 8 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1875-240.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 210.59.219.175 (Taichung, Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-175.hinet-ip.hinet.net

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.35.65 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.96.203.13 (Fort Scott, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a7a1674dc4c1e15bcd4582a4bca6c9b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ff4f0d2892eebc3b05e0b2b8903afd19.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7457cbdadf303cf3663357f1daae2933.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.249.156 (None, )

ASN- ()

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (None, ) 1 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.38 (None, )

ASN- ()

u.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (None, )

ASN- ()

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 139273 referer-log.holmesmind.com — Cisco Umbrella Rank: 253838 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 150059 fcm.holmesmind.com — Cisco Umbrella Rank: 171189 c.holmesmind.com — Cisco Umbrella Rank: 113989 ad.holmesmind.com — Cisco Umbrella Rank: 104458 adcdn.holmesmind.com — Cisco Umbrella Rank: 161293 m.holmesmind.com	272 KB
45	scupio.com 2 redirects img.scupio.com — Cisco Umbrella Rank: 84859 bw.scupio.com — Cisco Umbrella Rank: 162560 prebid.scupio.com — Cisco Umbrella Rank: 75801 rec.scupio.com — Cisco Umbrella Rank: 131485 u.scupio.com	595 KB
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 a7a1674dc4c1e15bcd4582a4bca6c9b8.safeframe.googlesyndication.com ff4f0d2892eebc3b05e0b2b8903afd19.safeframe.googlesyndication.com 7457cbdadf303cf3663357f1daae2933.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 138	246 KB
30	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 805 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 441	558 KB
27	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 80 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 220 ad.doubleclick.net googleads.g.doubleclick.net	523 KB
24	appier.net 16 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 46958 gocm.c.appier.net — Cisco Umbrella Rank: 2302	4 KB
24	criteo.com 4 redirects bidder.criteo.com — Cisco Umbrella Rank: 737 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2685	20 KB
21	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 80376 5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net	23 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	327 KB
13	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	3 KB
8	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1064 eus.rubiconproject.com — Cisco Umbrella Rank: 575 token.rubiconproject.com — Cisco Umbrella Rank: 569	23 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	51 KB
7	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	230 KB
7	reurl.cc 1 redirects reurl.cc — Cisco Umbrella Rank: 253294	6 KB
6	aralego.com hb.aralego.com — Cisco Umbrella Rank: 29774 sync.aralego.com — Cisco Umbrella Rank: 3307	2 KB
6	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 20206	1 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 323 fonts.googleapis.com — Cisco Umbrella Rank: 39	136 KB
4	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3333 adservice.google.co.uk — Cisco Umbrella Rank: 5336	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2400	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	91 KB
2	gstatic.com fonts.gstatic.com	59 KB
2	re-news.tw storage.re-news.tw re-news.tw	32 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 358	57 KB
1	moatads.com z.moatads.com	282 B
1	2mdn.net s0.2mdn.net	63 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3274	488 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5036	331 KB
1	racingcharger.tw img.racingcharger.tw	114 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 582643	17 KB
1	creditcards.com.tw creditcards.com.tw	56 KB
1	rayskyinvest.com www.rayskyinvest.com	274 KB
1	gbyhn.com.tw img.gbyhn.com.tw	129 KB
1	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 122586	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	80 KB
349	34

	Domain	Requested by
34	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
28	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
28	img.scupio.com	reurl.cc img.scupio.com rec.scupio.com ajax.googleapis.com
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net reurl.cc tpc.googlesyndication.com cdn.ampproject.org ad.doubleclick.net
17	t.ssp.hinet.net	reurl.cc cdn.holmesmind.com t.ssp.hinet.net
16	securepubads.g.doubleclick.net	reurl.cc securepubads.g.doubleclick.net
16	ad2.apx.appier.net	8 redirects reurl.cc
15	cdn.ampproject.org	securepubads.g.doubleclick.net
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net reurl.cc tpc.googlesyndication.com
10	bidder.criteo.com	img.scupio.com static.criteo.net
10	www.google.com	3 redirects reurl.cc tpc.googlesyndication.com
8	gum.criteo.com	4 redirects static.criteo.net
8	gocm.c.appier.net	8 redirects
8	www.facebook.com	reurl.cc static.xx.fbcdn.net img.scupio.com
7	static.criteo.net	cdn.holmesmind.com img.scupio.com static.criteo.net
7	ad.holmesmind.com	img.scupio.com cdn.holmesmind.com
7	reurl.cc	1 redirects reurl.cc
6	mug.criteo.com	reurl.cc
6	rec.scupio.com	2 redirects img.scupio.com ajax.googleapis.com
6	prebid-asia.creativecdn.com	img.scupio.com cdn.holmesmind.com
6	prebid.scupio.com	img.scupio.com cdn.holmesmind.com
5	cm.g.doubleclick.net	5 redirects
5	adcdn.holmesmind.com	cdn.holmesmind.com
5	c.holmesmind.com	1 redirects cdn.holmesmind.com img.scupio.com
4	sync.aralego.com	img.scupio.com reurl.cc
4	eus.rubiconproject.com	reurl.cc eus.rubiconproject.com
4	5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net	reurl.cc t.ssp.hinet.net cdn.holmesmind.com
4	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
4	ajax.googleapis.com	img.scupio.com rec.scupio.com
4	bw.scupio.com	img.scupio.com ajax.googleapis.com
3	googleads.g.doubleclick.net	reurl.cc
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.co.uk	securepubads.g.doubleclick.net
3	www.google-analytics.com	reurl.cc www.google-analytics.com
3	connect.facebook.net	reurl.cc connect.facebook.net
2	ad.doubleclick.net	1 redirects img.scupio.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	token.rubiconproject.com	eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	hb.aralego.com	img.scupio.com
2	referer-log.holmesmind.com	cdn.holmesmind.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	cdn.jsdelivr.net	reurl.cc
1	z.moatads.com	ad.doubleclick.net
1	s0.2mdn.net	img.scupio.com
1	u.scupio.com	reurl.cc
1	m.holmesmind.com	cdn.holmesmind.com
1	7457cbdadf303cf3663357f1daae2933.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ff4f0d2892eebc3b05e0b2b8903afd19.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a7a1674dc4c1e15bcd4582a4bca6c9b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.co.uk	reurl.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	fcm.holmesmind.com	cdn.holmesmind.com
1	i0.wp.com	reurl.cc
1	re-news.tw	reurl.cc
1	static.wixstatic.com	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	creditcards.com.tw	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	region1.google-analytics.com	www.googletagmanager.com
1	storage.re-news.tw	reurl.cc
1	ad.sitemaji.com	reurl.cc
1	www.googletagmanager.com	reurl.cc
349	66

This site contains links to these domains. Also see Links.

Domain
pcnews.cc
re-news.tw
youtils.cc
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
feebee.com.tw R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-22` - `2023-04-22`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-04-13` - `2023-07-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gbyhn.com.tw GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
tls.automattic.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-05` - `2023-09-01`	6 months	crt.sh
re-news.tw R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh

This page contains 46 frames:

Primary Page: https://reurl.cc/MRLnD
Frame ID: 29D28263322D84BE1D4865E5105BFDF5
Requests: 43 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: B56F9E83E3C9327320273B6C4273F16B
Requests: 43 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: 356B35D06EDE767DF9F2F4E532B5DBE1
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: 62D64A849BF1D074A44B19E82E61424E
Requests: 16 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 62560A314C6D84D880F3561FC34DCB9A
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: D0AC5A96BCBE168A1A82609D854EC91B
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 400C2135661AB89B3C110460210411AC
Requests: 19 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 017F2F84C4B8D7B8737AB640640FAE7E
Requests: 10 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 7BA9495EB35348B7A775A4685DAB06DA
Requests: 20 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 280683613F075E12EA817BBE22EA0CB4
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: A5D35E1DFF23DE9A1017E30DC4A2EE67
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 4FEF9EC2FED016E1C774FC2C31BD799B
Requests: 8 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 1CA325E369FF896EC25C4361681F81AF
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: AAD025BE547BE4EF900FD180F1743EC1
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: C461A04C7B27952B42B7B3C6322BF155
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 9695666966BFD2BD28F93670D146D444
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3B170E7E5535603A7DD682069A543FB1
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C879712EA76983F225A82156F0D3C95E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0F8FB767DFA67E658A66ED0D3F1B55DB
Requests: 8 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 1E7480694848DECFB219BD897F88BBDB
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEF0ZGm8llsY-RAP72PkjkUg&google_cver=1&google_ula=3918219,0
Frame ID: D4B8E8FB8AF3E5357230B5F29DCC642C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 8C06032D73CF7650DCDDDB89C7BFC7C1
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 69D5BC2D6B1A3B7A590D6431B56D2D8E
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPzMrEnCLu0UYCD2Nc7isD0&google_cver=1&google_ula=3918219,0
Frame ID: E93797BFA9C93E41EA56F3783386886F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 52122B8DD2ECDE0225AA676966EC6869
Requests: 3 HTTP requests in this frame

Frame: https://a7a1674dc4c1e15bcd4582a4bca6c9b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: F5CAE0EA1ED776E70CE46BE8A2E7E4DD
Requests: 1 HTTP requests in this frame

Frame: https://ff4f0d2892eebc3b05e0b2b8903afd19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 1E72A9BA4483A9DEC658244F7F5E87CA
Requests: 1 HTTP requests in this frame

Frame: https://7457cbdadf303cf3663357f1daae2933.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 5D4F15532A58418F83D7C70D7C36F021
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: F8CC50B12C773B4717976C0A64583860
Requests: 16 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4
Frame ID: EA8E1AC2FB1C8A9F70A1097DAB95B650
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 2ECC4AA7A86C8ED9821E7A29E5F84DBE
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: 7A2DB9E238DEB905E62BF9171FAADA46
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: C481E1FB113C080CF2D70661ECAFEFC4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: 1123758A55DC5F52D6EEFEE667BABC8A
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: 5A95B54603C10BAEFE0CB59B96FBC161
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F19BA336FA48A9CCCF2BBB6D96070BD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A0C2A41D3E06B37694B0B9F99EC5DFD
Requests: 2 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: ECC20DFF05153E180E4FFE87C711242D
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 76400002E1C1AC931866F1FF8553750F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD247FC3A35B5B3CE8D249BD3E71DA1D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44A24ED0C5D523B75DFAD9EDECD2CE0D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE771EE4F8DAF3905CD431E50B71CDD0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 713B01A9ADEB80AC98B5B1C9027D6D1A
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
Frame ID: 12726B4320EFAE4D178894B576230A05
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9687D5B1792493986E4AEE7D200A1BF4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: F24260B8C1AB25969E031F4EA6961407
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

URL Shortener - reurl

Page URL History Show full URLs

http://reurl.cc/MRLnD HTTP 301
https://reurl.cc/MRLnD Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

349
Requests

91 %
HTTPS

46 %
IPv6

34
Domains

66
Subdomains

57
IPs

7
Countries

4829 kB
Transfer

10943 kB
Size

33
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://pcnews.cc/
Title: Exit

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/48153

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/99446

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/292631

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4066729_XG66729_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/38375

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/643372f4ae3afc3372568f7b

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/25257

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/151

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/14027

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: Emoji

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: Geo IP

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: Big5/GB Converter

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QR Code

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: Length Converter

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: Taiwan Stock

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: Word Counter

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: Password Generator

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: Date Calculator

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: Lunar Calendar

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM tool

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reurl.cc/MRLnD HTTP 301
https://reurl.cc/MRLnD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 128

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=qhaOfnMBCKOiuyEHJ1o6ZA

Request Chain 130

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=PUo5Kb5kCpSKfmKdJ1o6ZA

Request Chain 132

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=eyIGRMHRBp2QZ-2qJ1o6ZA

Request Chain 133

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=SwogX-UOCLmzD3OHJ1o6ZA

Request Chain 138

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA

Request Chain 139

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=22jdN95PBeaJ4iPrJ1o6ZA

Request Chain 154

https://rec.scupio.com/recweb/js/rec.js HTTP 301
https://img.scupio.com/js/rec.js

Request Chain 160

https://rec.scupio.com/recweb/js/rec.js HTTP 301
https://img.scupio.com/js/rec.js

Request Chain 184

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=30Jm5Xxsd01xOUVJRWlUcjcva1B6TGZuazZoM0VQczBoK2c5WHl0S05xanpmb3ZXWGN0U1VRSk1LODg2cUMyZEQvV3VZMzQ2bGhVS004ZXE5eUFUSDdLMGEyZTVrZk54aWdWb1BzczRwa1dqV2RGZlgwdjZYY3NOTUdUM0lxc0hJQWRxRk5pRUlWcWR4dkloY3lHSmhUK0V5TUxtK3QrTUJHR2d1NncwN2YrbUlyOElBYjFNTEs1K056VEZUQ3NpUnQ0YStqV21YZzhQL2hlaHM0M3R4VWNxUEJLU1p0cUlYbDlIQ2VtQUhNb2oxSktWbExwMjdPMDFWQzAvdVhVazY3Z0QzcENlQ29mbUFzMlhXRUNWUkt5eC9SQ3N4OTlST0s5TGZTNllVbnpudUNLND18&cppv=2

Request Chain 185

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AYBgj3x1dXJFRFg2NnlpTDg1NlBsVlpHOE93TlVqZGFHYThvRENnc3daZTgzN0RNa3VtN3o3MUFydTRCWi9NaGZXNU0yUWNRREg4NjIwR08vTlRMWFo3Q3hZZFRoRU1LakJ5MDRqVXc5UWlPUGRZNS8rd0s2eDA4RjdtbzVIdzkyZlVoMklCeDdqc3dOdWNER1dYcXQ5ZTVvUTRseG8vTU42Q2IrdWFmQ0xvT2VoaFdMTnYrU2Q2cUcvNzloekhHWUU0eExxRWlqZ29mMXNHQlJlWERpMzFzem9hRTlBRDlHdTF1QTZuMFNYTnFWcXlmMmlTMk5FTGFjK0dURHZaS2ZLdmNJU01EeHlnTU9QU25GRDlZbTFnK0UrTnArdXdML0J6L3FydjVEUitQdDBKQT18&cppv=2

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0pBMjAyMzA0MTUxNjAyNDc0OTA0NTg%3d&layout=js HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q0pBMjAyMzA0MTUxNjAyNDc0OTA0NTg%3D&layout=js&google_tc= HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEF0ZGm8llsY-RAP72PkjkUg&google_cver=1&google_ula=3918219,0

Request Chain 194

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1ZBMjAyMzA0MTUxNjAyNDc4MzY0Ng%3d%3d&layout=js HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1ZBMjAyMzA0MTUxNjAyNDc4MzY0Ng%3D%3D&layout=js&google_tc= HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPzMrEnCLu0UYCD2Nc7isD0&google_cver=1&google_ula=3918219,0

Request Chain 199

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=414619-sPbZ0aAmRlRtGIo4VLd3ruxovQSWqv3i&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=414619-sPbZ0aAmRlRtGIo4VLd3ruxovQSWqv3i&uu_m=undefined&google_gid=CAESEHGs1jGsobpnkBf_QZ6OAp8&google_cver=1

Request Chain 288

https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_pre=CNXBj5K2q_4CFeac_QcdEzgJGA;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 290

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=snKNw3xqSkhzeC83b0dDVjM4bXkxaDF2Tk5TUmpGVHZrc2o5QTBUU0ZVdys3cUpUU24rWGJhblVlbDhVdklKdDJaelIxOFJlak5kR1dYUDNDODRqMVpoYmhBN296bDRlMEIzMWVBQkJJbVc1akdtUmR2b2lHNEZrTlUzbE1mMGtyZ0poL29yOTZpV1lTU1dGWk1xTzZlY0RKRkVYRWpQOFhvR25NR0tSdzdZU1p4TTB2NEEzRjdYWEdQUnkyVTBuOXQ3VkNUYzV1QzB2TDhOeUZGN3V2Ynd4S2oxYnY4NXFOR05uV2I1d1NJc2tZODRvK3B0N1RrQ2EvK3RPYVIrOWdLNlB4UjBuVHhZbng4R3UyU3B1cDdHVFNUTTR6alJ6RzM1UnJYdm5KNXN0OC9hND18&cppv=2

Request Chain 295

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=hYw7enxpejdSckhkeFZtaFYxOWs0cGQ3a3h5UlpwamFtc1NoS2FaR1JhMllQWTZQUmY1L0phV1Q4bU1HQXEvWTNWQmpwelFVbUVzNUJuSisxS3M3TWhoLzR4U29JRklaamt0UDhaREZiR29vNnh3ckFUMURqREFYTlJhQVE2QURKcC84SVJoeXFOVWNrZ3dCdURIZWcra1Vab2FxWk1uSE8vQWRlZHlTZ2pHckZSeTNFRFNLRjlZeVpFQmJUOS9UL01wUjIwbW9FOHF1QTY2V1ZOUjMxdXdLbHVydDVveXhkQ3paTDYzdlUrMHJwbWZoY2s4WlltUjcySlp1ODJaQysrVU9sK2FrQlA0VXVXMEh4cUFGdkxMRWtUMVZXbVlXMmhONmVqNGE5RnN3Nm5aMD18&cppv=2

Request Chain 298

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 299

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 306

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 335

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA

Request Chain 336

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA

349 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request MRLnD Show response
reurl.cc/
Redirect Chain

http://reurl.cc/MRLnD
https://reurl.cc/MRLnD

8 KB
2 KB

821ms
274ms

Document
text/html

35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8d267f4b082132571adfae2f05ed423c700216a6124429eaa942d7f429c0adfc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 08:02:42 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sat, 15 Apr 2023 08:02:41 GMT
Location: https://reurl.cc/MRLnD
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 115ms
40ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4490922
x-jsd-version: 4.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230028-FRA, cache-yyz4557-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YvX60lnc7Y4ubCQiCYbCM0T99yZwnOZ3ghsSgiRV%2FTNXR2MMgWGFOUGUeey2c1UeJiQpcs%2FjC%2FbzW6WvgLFPYvxqttBjiCE9hDElGy5mVtNxxC6sljagj1dv48a8Lx6TI9H6VAWe7fUpLoXPkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b82aafa8a864130-LHR

GET
H2 200 style.css
reurl.cc/stylesheets/rwd/ 2 KB
1 KB 274ms
265ms Stylesheet
text/css 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/MRLnD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-9f6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 08:02:43 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 279ms
270ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/MRLnD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 08:02:43 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1079ms
253ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 08:12:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 165ms
57ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

213c62fcde5831324abaaa32c9ca36ae0289409789a825f88028aea848c2ad32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81974
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Apr 2023 08:02:43 GMT

GET
H2 200 ysm_reurl.js Show response
ad.sitemaji.com/ 17 KB
6 KB 115ms
29ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_reurl.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:49:49 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 51174
etag: W/"5d0b4850-4488"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5880
expires: Sat, 15 Apr 2023 17:49:49 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 76 KB
23 KB 183ms
41ms Script
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:00:55 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 01:19:47 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 111
etag: W/"641a57b3-12f95"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-id: k6cdwP8aZW077vX_XMfx90CIO331N8hBlRFZ5RDCQBP4cO2gTTHyFA==
expires: Sat, 15 Apr 2023 08:15:52 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 17 KB
18 KB 213ms
53ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DUhNY4EFxx.4ZxHOJWw5a1tFjsqena_.
date: Sat, 15 Apr 2023 08:01:48 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 57
x-amz-server-side-encryption: AES256
etag: "6c37b2eb5706a6225b62a75a80493f4a"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17750
x-amz-cf-id: VhNZC4AUt6BI9Hmgmx2Fni3PQpWrYp9FVj1T2eI4GJ1GB2JdBS4sAA==

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
32 KB 122ms
49ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4490868
x-jsd-version: 2.5.16
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230020-FRA, cache-yyz4542-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QK41bgCLtQkTXkLTyFgTj0A9ZePEzqMz9zweLC43IixLkVGRJRx52B5G2sPi%2B8Hv%2Fz%2FT6zU9tCpTBJXV9f5a6zq9SKCeWbtvCu7oIaN6a2EyOjVlxcySY4GflRj5evF2Ca8GjVG%2FCs5B2EHSLfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b82aafa8a884130-LHR

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 412 B
493 B 280ms
272ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/MRLnD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-19c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 08:02:43 GMT

GET
H2 200 loading.js Show response
reurl.cc/javascripts/ 134 B
339 B 280ms
273ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/MRLnD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 08:02:43 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 536 B
550 B 281ms
274ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/MRLnD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-218"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 08:02:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 138ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Apr 2023 08:02:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FpenrpDBaLOz+FeiaRDgqHSmWJE0b7pPka/r3ZPQ8THyApZKY/77DdFMs8UH/AJoZOO7eMb+s5299a75M8Wfvw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame B56F 96 KB
27 KB 213ms
126ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb75f30c06612f15ecdad0f69c9f417ae7ecec04c0d2fa832066ddf650445d5c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:43 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: TWUYDy8Xg5WSn21hyV/yUmKC1AXat2m+kCg5qG2LM2Vtus9zV9HSArVIwcA6xTQ0QPCcWlFB/OiKUAyobkETPQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
8 KB 942ms
284ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 62997ef9963dd71a8147b9a5a1c24e66464a245bff2390b479b144a6fcc3b94a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1dd0-pApZyJdXChuyZr6MzsqnKsVVoVs"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7632

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 06:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6671
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 15 Apr 2023 08:11:32 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 43ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 08:02:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42315
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5utoG+TyBqBQFZfqV3xYScLqaeA+H0mqRxLoLK09mEXnUXXzdw/Sz4UZJ40XCdVIdFLoYNN4fotOk0w3QT0Jcg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 17229.json Show response
img.scupio.com/js/config/ 461 B
865 B 690ms
615ms XHR
application/json 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: e40fab19fb3fe7b54e20e095695aea442893df40ac66bfaa82e0453dbe66ea5d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
via: 1.1 18c617ef1621da46798c2b8cbc1c808c.cloudfront.net (CloudFront)
last-modified: Sat, 15 Apr 2023 02:20:47 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
etag: "643a09ff-1cd"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 461
x-amz-cf-id: rWmaJnFf3Y058wJpCvJUtUedUqaaVREMdW_swx5X04peOuy-vIurKQ==
expires: Sat, 15 Apr 2023 11:02:43 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
710 B 1344ms
253ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.6963705141887151
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:44 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 356B 83 KB
22 KB 40ms
39ms Document
text/html 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.67
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1933
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:30:57 GMT
etag: W/"641a5637-14dfe"
expires: Mon, 15 May 2023 07:30:30 GMT
last-modified: Wed, 22 Mar 2023 01:13:27 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
x-amz-cf-id: SQ_o1ucx38MxmzgLrLzuBXTcf992cG7aDd3q0_2iFXi9evLJlOdryg==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront

GET
H2 200 17253.json Show response
img.scupio.com/js/config/ 461 B
844 B 369ms
340ms XHR
application/json 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 06322fc8a6f8e63c959a7361f664450b4db0dbb9151f27a9e47f71c41e4871f6

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
via: 1.1 18c617ef1621da46798c2b8cbc1c808c.cloudfront.net (CloudFront)
last-modified: Sat, 15 Apr 2023 02:20:48 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
etag: "643a0a00-1cd"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 461
x-amz-cf-id: BHIktlTP7ynawjc4TmjxJQDV_V9yRkDss135HyTtr1_nBy1bUCyofw==
expires: Sat, 15 Apr 2023 11:02:43 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1340ms
269ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.6967568500044956
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 62D6 83 KB
22 KB 46ms
45ms Document
text/html 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.67
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1933
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:30:57 GMT
etag: W/"641a5637-14dfe"
expires: Mon, 15 May 2023 07:30:30 GMT
last-modified: Wed, 22 Mar 2023 01:13:27 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
x-amz-cf-id: OxGcBeibK8s2vRP8A5aRJAsF1HnkkPk4l8m24cpJxDvwZuw30qJPcQ==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront

GET
H2 200 z7wmxKtIZsi.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame B56F 20 KB
5 KB 190ms
78ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fbc87a75771407325342610ece2c80083d0b735dc7da625839fde08bcf66285

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x3Wn+KCvITgs+5bNyICjZg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5108
x-fb-rlafr: 0
x-fb-debug: YP9ojwDrLsa8ujdN4VUC7NWk4jaKbJS/gcedegeLpZMJH2QgZN8+ETs9woa42pixmAH1abxcfBXpefLWBLMcDQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 16:34:05 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame B56F 2 KB
1 KB 191ms
80ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: qxhH/OYyk+oPBpv4v+8M8tqcINm3uz0csLiCtfipFMMCiKBeO6Nhmf1f9aT4ZN+qZFLWhg0MUW5fFlzRDs3lzQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 04 Apr 2024 20:52:15 GMT

GET
H2 200 5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame B56F 33 KB
6 KB 191ms
80ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fl5R7gBdn+7q3joF/eO71w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6398
x-fb-rlafr: 0
x-fb-debug: QDDdCxePS32CBBkB7QAHBL06DIAAGUGxzeaW0j0eGNGC8Vjphv99s7xS9+M97ky2/sqdJ3ZP4Fg1/ve3o4Z7OQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 11:03:04 GMT

GET
H2 200 ktJzP47EwrW.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ Frame B56F 25 KB
6 KB 191ms
80ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ktJzP47EwrW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fe2f1e10ad7169b07a1fa35579e12df94c80710f138fe2ceea62d047d4da43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: c/Lr/MUvwswpZDqzOqjszw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5632
x-fb-rlafr: 0
x-fb-debug: r6hv7CswQQvcRkCXsX8M2GpB9GPppmciH8Wv2/x3kL9J/RLNPzcwbvRa/CwptP9e1a4qwwDO5eY/yw6oLImXnA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 17:42:46 GMT

GET
H2 200 PTAMAF8Hi8v.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame B56F 304 KB
80 KB 191ms
81ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad7d15812eaa6a06c1ba50fd4e12534afa72ef234e6263ddf5d633fe1ea7a9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +upM8hBNCoEzgKWYl/AzGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81667
x-fb-rlafr: 0
x-fb-debug: nXqhr8K4WB6keJYXJRuGnHEEoR3I7Wjp2VUaXR4zESSfwAlvHUjfMiJSHYjUVfd+XQcGBhAkxFLgZIsScG22ug==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 06:56:57 GMT

GET
H2 200 TXms_HrZwKP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame B56F 57 KB
18 KB 191ms
81ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/TXms_HrZwKP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30a288f4b8350f8121ceab4313aa78320d3a313c7425136323191ced5b6a0b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5xeNXxWs1OEER8b29ktDpw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17978
x-fb-rlafr: 0
x-fb-debug: 2bJujnyurTHZZxLAWP90em5ZEIqhDgH2BG3pA7VRjYJQ60oe4lBUrH6TpPFMOIXfK+BbFEXrFT5oTzs9rGOc3A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:14:14 GMT

GET
H2 200 tsYdVHJ-hR3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame B56F 56 KB
18 KB 315ms
205ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/tsYdVHJ-hR3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

541aa8107ab5589ef7f8da4481836ffeef358d9dba7a3fad482d0bda1c7f9960

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SuHECju1lDa01xQE0qV9nA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17750
x-fb-rlafr: 0
x-fb-debug: g86sI/3FnRsmUSmV50is2MRkRniYTVEfPZ+dcNzsNTnOXPtFDuyc0+KFGBAPmKZcB/1Mnl6qq9RZedXUgFQgtg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 05:31:11 GMT

GET
H2 200 Pv0iK0zPy4O.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/ Frame B56F 76 KB
22 KB 315ms
205ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/Pv0iK0zPy4O.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a3920a01c0dcd03e7617df96bcbd48fb4c6f9ef73ae02927bc9578b15918afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TfS0DiWXKuHxZdy16nO7fQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22446
x-fb-rlafr: 0
x-fb-debug: cILGk+GaW0G8XT1xlgqTpvhN3yucp1/1QisI/ANLndxWdu2DGLJNFIxWXRbtWS7kFmr6S1aawAeyNaHd+n46uQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 20:07:23 GMT

GET
H2 200 9gv42zM66FW.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame B56F 17 KB
6 KB 314ms
204ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/9gv42zM66FW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

693a43ba2993bd6945ee91c96cdc986d8db5db50dc67aa5c6c631164cb635333

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7dm1CR+m7GVkOcKBuUrKJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5947
x-fb-rlafr: 0
x-fb-debug: /Xhao0njfvBN5Jqx46gOepbw2YFUvBLv5jJAYRVbBzn8WYy4xTUKgyHbUlPUUuYWjryZqAFovZnmwlsj5k7V5w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:14:25 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame B56F 507 B
488 B 319ms
209ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: zz0BjjqsF0NYIYyfwaDY5rN6c4XnlNWkCWmELJYiYVH/mwLTEYAGM/Bw+MGVf3wSaJMh90AUJwskWIc++rHP4Q==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 01:51:58 GMT

GET
H2 200 UCbKgtEtu7r.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/y2/l/en_GB/ Frame B56F 206 KB
59 KB 313ms
204ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/y2/l/en_GB/UCbKgtEtu7r.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d356266cbf28b090f7fa6ee9c515390bec1aa129686a1efe76d076690d4af611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: liTOG76UPKsMvH+tXJ+ruA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60087
x-fb-rlafr: 0
x-fb-debug: RHPSMDMFuPVtWqmvoO7NYLYPmHLjcecb8BV6yrL6c+lA4DPviGqZWPhLhSP/rJmUlvqn/4mzmKEmvH9++JdyHA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 05:50:36 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame B56F 5 KB
2 KB 191ms
81ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: 6JEKmAsGSoqBUXjsCfiGv8tnTebd8MxHaHyQf1Uv97MZfAWd7tl8Q9FAXOJw+hSbxuugY0+dq1uJw0sVmGvrbw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:36:53 GMT

GET
H2 200 -YfYBc41JI7.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame B56F 25 KB
8 KB 191ms
81ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/-YfYBc41JI7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e95cae8d40d54a66307d061c442dd08b982292891e91a92be1cb21eec8a2d22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dWoEb7wLFR6Z3VHvF0fu4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8322
x-fb-rlafr: 0
x-fb-debug: TV/sOfoWs5fSHvJogF/RhXpJ4kf7mEJss/7u5oRr2biiOf31FM1Qu09RU+X2sxj3ioOSBK1OSVJeYyCjl/Npyg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 15:58:54 GMT

GET
H2 200 mBu2BfVLkkb.js Show response
static.xx.fbcdn.net/rsrc.php/v3impS4/y0/l/en_GB/ Frame B56F 328 KB
77 KB 318ms
209ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3impS4/y0/l/en_GB/mBu2BfVLkkb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8fbc4d6db87655c070a74a1a787c657077a12214a8d85da2129cdc1a7bd5d7fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pRbQwVPcSQLQ/bTJlD1wuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78662
x-fb-rlafr: 0
x-fb-debug: GwsSN8MLB24IXsuFuZ1CHUhC0Z6+LxNXVCD1MxklT/J0ZCNnwmWkINE3lFlG6I8SW9ZTfhZcgy9TakjupSCUMA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:22:02 GMT

GET
H2 200 6c4xucucgO9.js Show response
static.xx.fbcdn.net/rsrc.php/v3i30-4/yG/l/en_GB/ Frame B56F 410 KB
96 KB 315ms
206ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i30-4/yG/l/en_GB/6c4xucucgO9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20b236770c01f9b8cd4ec9c927acb7f55e4fa559fd9b41a1b5c2bd9d39d7a277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dE+znXG0SvyMAg3QWA8TzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98559
x-fb-rlafr: 0
x-fb-debug: QqRC4aVXJV3NnPImZriLGIPDMD111ZdZEUyeSS0vYiXU4S5sdWhMONCs5xOPMO3YfNxMHZ5RBGEp6DHCqzYS6w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 01:51:09 GMT

GET
H2 200 I91dQtKCqtJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame B56F 4 KB
1 KB 315ms
206ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/I91dQtKCqtJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35038446d0cae0d4cf68472310f8c4e3775f84d4a6c51036fb52c1276c8a5ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2IYt6/c/e1MNqkQFb3wwdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1285
x-fb-rlafr: 0
x-fb-debug: prhw7T6hey47LMKC12yusEJk1fPcaCp+bTWFJYMrC/nmO0kj07MDD6yiyqsF6sXWHN0EW2vQZJkz/we3CdI+CA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 07:44:21 GMT

GET
H2 200 G_cSoAztzdC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame B56F 27 KB
7 KB 314ms
205ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/G_cSoAztzdC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f971cb967dcad04a8841f828a2de1be5c99abec685ce5dadb449b5e36c217dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MzBmMfp4vjooX85fINNmZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7322
x-fb-rlafr: 0
x-fb-debug: ztqs6KhZWDPAkVuAf+Ro3B+oe5xOArIAWQBXurhAXwG7rqGwnYFgIeEXxGOlIFDmSrd+918s0N6YiSnkScgorw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 19:36:53 GMT

GET
H2 200 Mx73slMhfF2.js Show response
static.xx.fbcdn.net/rsrc.php/v3ibcU4/y_/l/en_GB/ Frame B56F 53 KB
16 KB 314ms
205ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/y_/l/en_GB/Mx73slMhfF2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be4783efeb04d9e88319ad016bb8e7044723c832fa5e87dd1c02029ec045d644

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Koqcw5i26jAdQVv8M3vsaA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16262
x-fb-rlafr: 0
x-fb-debug: d38lqtIzbKSIiXJejRoENxwA2MsVOcBc5zmfprgFKm54U5bmY2KhptwVvU3FXnLaNSCpMsiMEfNKHxHIoW1sEQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:21:15 GMT

GET
H2 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame B56F 2 KB
973 B 297ms
208ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TLChQoDhUYzpJFadDZTs1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 782
x-fb-rlafr: 0
x-fb-debug: Fmj9IykAmSAI60hleM3WbUzoouxglTyt3AbluPThO6h3x1gMlBXp74ujYPQB/e8G5JfBkuAxmOT7Qcs9cMohIQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 07 Apr 2024 18:28:46 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame B56F 55 KB
15 KB 297ms
208ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: 81QFCb8IvZTsCUBAlbMPk2nG/aXhtcIiratnSSnSsr3BiJTcnv/fuDDLjhUWxJ2Q+xCVJqOVC6Bb6nxvHi0nQA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 07 Apr 2024 10:42:12 GMT

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame B56F 16 KB
17 KB 46ms
42ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=G4524WmMrN4AX8-lqqi&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfAN-5_TQ7uUSqYYvs0qMIJdekJqa-e-Vza3qbV1fKOVBQ&oe=643F17C5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-haystack-needlechecksum: 1290236993
date: Sat, 15 Apr 2023 08:02:44 GMT
x-fb-trip-id: 686109401
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H3 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame B56F 1 KB
1 KB 63ms
61ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=bt6Lld2MPBAAX9Z4MDY&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfAqIxEs19mJGVJm_M7NyM1k5Ptz441NgKV7CsfH5CDJYA&oe=643FD195
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-haystack-needlechecksum: 760809244
date: Sat, 15 Apr 2023 08:02:44 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345
priority: u=3,i

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 356B 95 KB
34 KB 220ms
42ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:22:06 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 356B 236 KB
83 KB 49ms
48ms Script
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:00:33 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 177
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: Kcym3HCtcVGoPyjR2O9it_E7VkBX1U3_P9lSNYyhHEPjUrNX-xKGlQ==
expires: Mon, 15 May 2023 07:59:45 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 62D6 95 KB
33 KB 269ms
147ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:22:06 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 62D6 236 KB
83 KB 60ms
60ms Script
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:00:33 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 177
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: rUR_jdDXYRy8NjZ59j4qoqB-ujLRkh5ZPzJh9qDpbpjiNCGRlyRxtw==
expires: Mon, 15 May 2023 07:59:45 GMT

GET
H2 200 create Show response
referer-log.holmesmind.com/api/v1/kinesis/ 51 B
261 B 941ms
291ms Fetch
application/json 52.69.218.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13856&domain=reurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.69.218.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-69-218-118.ap-northeast-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 6256 7 KB
8 KB 59ms
59ms Document
text/html 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 23
content-length: 7381
content-type: text/html
date: Sat, 15 Apr 2023 08:02:21 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Thu, 13 Apr 2023 07:03:38 GMT
server: AmazonS3
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id: Mt5fU4DEBWNUa4yoVnJYy-gMRcsK4h9olV13_uFH__z2jVbAT3kGwA==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: dx1zZGj7kM5P2QQxgaZZkMgXwhIKv6rf
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1 KB 60ms
60ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: NKk4DvuerUEJSZO2Q_zQvbJHzZhMaWpl
date: Sat, 15 Apr 2023 08:01:56 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 52
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: WrQMkZhNpqjw4xrQS6_hP-vkPyYrVz6zMEYZaSC8jXxffGs6jVscGQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame D0AC 15 KB
16 KB 986ms
980ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 08:02:45 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: VyMuI4t45aIuqQ4Xg7T8pCuFX611a2HVChv2OnzPXBMDKuhCB3_cPQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 400C 15 KB
16 KB 981ms
980ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 08:02:45 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: 3g7T_l-HhTDb4zgfKeINwt3vOtP59grGdHFHCz0sZCgAV8w9rGvZXw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 017F 15 KB
16 KB 962ms
950ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 08:02:44 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: y_SJ_J7IqePC1Im3fibXJ2ZU4H05874pc_LmeQSB6UA29dCrihAX9w==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 7BA9 15 KB
16 KB 875ms
864ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 08:02:44 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: 7gbyY4ZohBSQyP1TQgQ-vcdRJ92XJEjTR0q-pDZhm-B1LmGJCGLs_g==

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 45ms
44ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Apr 2023 08:02:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZxZ2N3qCWYPus4+IUt/4PyNE3Yizop6DxFU3RTJmlZVFi8RRQ35r40Z468TVDKtikNps9muN1lahnXuX2BEUIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 51ms
50ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=68163842&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FMRLnD&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1117048430&gjid=1412935205&cid=1881927675.1681545764&tid=UA-102456694-1&_gid=1965143845.1681545764&_r=1&_slc=1&z=499970102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 40ms
39ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=68163842&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FMRLnD&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1881927675.1681545764&tid=UA-102456694-1&_gid=1965143845.1681545764&z=197661621

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50252
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
240 B 136ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je34c0&_p=68163842&cid=1881927675.1681545764&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681545764&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FMRLnD&dt=URL%20Shortener%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1681511369-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
img.gbyhn.com.tw/2023/04/ 128 KB
129 KB 178ms
41ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/04/1681511369-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e023dff186832c6a9062473e5bbadbab1a9ba3b12654fc51235a13a407ae60b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33004
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131422
last-modified: Fri, 14 Apr 2023 22:29:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWv%2BVN1lHcXflXGPlDNgLDnU2qmCBkNulnlCejtjayFLWd%2BPqyQP6wDUXZEiWxnkRAqEyMRt3xLrWqAmq77jjAOYlci23800aD813fIrDURHAeRjWeF%2BK2vRWSCJXLkIXpanxRgkzjIJV8XwTQ7T"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b82ab03a8e3741f-LHR
expires: Fri, 21 Apr 2023 22:41:14 GMT

GET
H2 200 %E8%B7%9F%E9%A2%A8-Youtuber%E3%80%81KOL-%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9C%9F%E8%83%BD%E8%B3%BA%E9%8C%A2%E5%97%8E-2-750x375.png
www.rayskyinvest.com/wp-content/uploads/2023/04/ 273 KB
274 KB 176ms
36ms Image
image/png 35.227.194.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2023/04/%E8%B7%9F%E9%A2%A8-Youtuber%E3%80%81KOL-%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9C%9F%E8%83%BD%E8%B3%BA%E9%8C%A2%E5%97%8E-2-750x375.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.194.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.194.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73e18bfe1a45f8cb774ec7f8526277d36a113618d90ed3b6d44c713962ff26b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 15 Apr 2023 08:02:44 GMT
expires: Sat, 13 Apr 2024 19:24:37 GMT
last-modified: Fri, 14 Apr 2023 18:55:23 GMT
server: nginx
etag: "6439a19b-44589"
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 279945
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 %E5%BD%B0%E5%8C%96%E9%8A%80%E8%A1%8C%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/04/ 56 KB
56 KB 377ms
240ms Image
image/webp 192.0.78.244
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/04/%E5%BD%B0%E5%8C%96%E9%8A%80%E8%A1%8C%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

18bb0e90797ec6f226137169e5775aceac0cb1ede819c3526b431cc2034db84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.lhr _atomic_ams BYPASS
content-length: 57142
x-nc: HIT bur 5
last-modified: Fri, 14 Apr 2023 09:55:21 GMT
server: nginx
etag: "a0eb31a3ae0e1194"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sun, 13 Apr 2025 21:55:21 GMT

GET
H2 200 Vymo_Logo.jpg
mma.prnasia.com/media2/1026997/ 16 KB
17 KB 186ms
49ms Image
image/jpeg 2606:4700::6810:fc04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1026997/Vymo_Logo.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f0637711cd180a6cb50f2882d67a419ac556e21ad9ec02ade9f5e2df2bc063b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
cf-cache-status: HIT
age: 84479
x-powered-by: ASP.NET
server-timing: intid;desc=7353c37452169ead
content-length: 16859
cf-bgj: h2pri
last-modified: Fri, 14 Apr 2023 08:34:30 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7b82ab03aedb2508-LHR
access-control-allow-headers: Content-Type
expires: Fri, 14 Apr 2023 08:34:31 GMT

GET
H2 200 2023041403051756.jpg
img.racingcharger.tw/wp-content/uploads/ 114 KB
114 KB 174ms
57ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023041403051756.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6729563a7dcd413a09f819cbd4ed5f581a3d3ebd65c52ea411d85d77067f4526

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 03:05:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9676
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgqzFeOXsEhMO%2BXXruw3nm1oQEOIsRS7gIk2s1FZt55xNhViSXr%2Fg3ZD1xChIEa%2B1%2BhGVnEy0%2BKPB9nQGv8ZiNDthXy6w2BWmPZOriNdwU7VzW%2Fy%2FuP%2F0SM3kSJK%2BKifuYzvbCYLpi1SQGmwQDWJcfn39Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7b82ab0388dcdd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116240

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 331 KB
331 KB 154ms
37ms Image
image/png 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 08:45:24 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 429440
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338711
wix-tracer: 2OECOhiadCdvcRlrTuKM5z4fd7s
x-seen-by: image-manipulator-54fd5c7947-57m4m

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 1354ms
551ms Image
image/png 35.185.136.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 487 KB
488 KB 150ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT lhr 8
date: Sat, 15 Apr 2023 08:02:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Jan 2023 09:04:11 GMT
server: nginx
etag: "e36ec6663165a6fd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length: 498450
expires: Wed, 08 Jan 2025 21:04:11 GMT

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 2806 0
217 B 980ms
291ms Document
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 08:02:45 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame A5D3 39 B
191 B 231ms
133ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 08:02:44 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 6256 5 KB
3 KB 1449ms
1448ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 08:12:44 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 6256
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
507 B

146ms
145ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sat, 15 Apr 2023 08:02:44 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 6256 0
218 B 974ms
290ms Image
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
347 B 133ms
37ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102456694-1&cid=1881927675.1681545764&jid=1117048430&gjid=1412935205&_gid=1965143845.1681545764&_u=IEBAAEAAAAAAACAAI~&z=297601038

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 15 Apr 2023 08:02:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
401 B 1124ms
1101ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

53a215a3e560218319103ff086f2957a7f3f5a3ebfebd929f954d5ab73104742

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 165ms
66ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=1881927675.1681545764&jid=1117048430&_u=IEBAAEAAAAAAACAAI~&z=1938671211

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
408 B 169ms
64ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=1881927675.1681545764&jid=1117048430&_u=IEBAAEAAAAAAACAAI~&z=1938671211

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
127 B 42ms
40ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FMRLnD&rl=&if=false&ts=1681545764747&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1681545764745.268912748&it=1681545763358&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Apr 2023 08:02:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame B56F 573 B
626 B 43ms
40ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: 8Y2A+UrbGYQD5qMbdQn4bXZeuYAIjRgHi3bDUOxufhPm2sZHfiBdamAfsG4usbBHk78DSxom5F39uAMDKtbUkg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Apr 2024 00:31:27 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 356B 108 B
485 B 40ms
40ms XHR
application/json 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 1a2dcbaa8da5e1459685453a48b20ad6d18fcc772cc45dffcc2c2c719fee8091

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 07:58:11 GMT
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 19:15:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 273
etag: "6439a638-6c"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: oAYa1hyJ8JUXeAQ1Qg9oS-5HHqZiwuCDCfBee7rA582_FTMeo35qfQ==
expires: Sat, 15 Apr 2023 10:58:11 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 62D6 108 B
476 B 42ms
42ms XHR
application/json 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 1a2dcbaa8da5e1459685453a48b20ad6d18fcc772cc45dffcc2c2c719fee8091

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 07:58:11 GMT
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 19:15:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 273
etag: "6439a638-6c"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: AF08qEwln0A2smAwdIlGuP3mliryDAP59_xtrSwQ4IcvcMp2_J-BHQ==
expires: Sat, 15 Apr 2023 10:58:11 GMT

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 356B 2 KB
2 KB 1057ms
271ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.975084737115826
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fe3cea0537c53a762dd2b1a36e07dffb91833f40195352568f23384761c22c89

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 15 Apr 2023 08:03:14 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1485

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 356B 0
216 B 253ms
45ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=92329265652

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 356B 0
177 B 600ms
189ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 08:02:45 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 356B 0
176 B 492ms
128ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=65f01f5a-1dcf-45e2-8870-ee51f53b4293&u=https%3A%2F%2Freurl.cc%2FMRLnD&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=ac9ea28f-4b7a-4307-a0d5-0b1996546697&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 08:02:45 GMT
access-control-allow-credentials: true
connection: close

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 356B 0
218 B 914ms
321ms XHR
text/html 54.238.32.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1681545764765&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.32.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-32-19.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 62D6 0
219 B 750ms
294ms XHR
text/html 54.238.32.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1681545764814&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.32.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-32-19.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 62D6 2 KB
2 KB 1043ms
258ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8073753650131685
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9201470993e53e5bcc8edf97926c67140b5ef4eeddf95c705af31004724e26f1

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 15 Apr 2023 08:02:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1528

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 62D6 0
215 B 101ms
47ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=1095927428

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 08:02:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 62D6 0
176 B 459ms
137ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=65f01f5a-1dcf-45e2-8870-ee51f53b4293&u=https%3A%2F%2Freurl.cc%2FMRLnD&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=52b06be6-7298-4ccb-8629-558ba73b905e&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 08:02:45 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 62D6 0
176 B 444ms
190ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 08:02:45 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 BW7a5tS7MH9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame B56F 10 KB
4 KB 57ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/BW7a5tS7MH9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4e8897f617acf8c561309a5d51674bc1cbef024b66acf21ceb35ddf76a0c16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 35ezpiND1KsgnE8MWEcrlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3500
x-fb-rlafr: 0
x-fb-debug: uP5XnQaThqju9VfqbAa38oF/ht7Wlsx2ZYHhHSyxV3LAkzs59n4OHSMaT28iNzZpwP6eeoBLhxlNMVLMCn/1Eg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 10:58:58 GMT

GET
H2 200 Zj4GuFghQl4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame B56F 12 KB
4 KB 43ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dBSAisRg2e2k/EbKxbTt7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3450
x-fb-rlafr: 0
x-fb-debug: DVOTAdPG1r8ab1UKLbIW9oT1ap6iB+gwBeJ0J1cN4sQsThrvnBvrDLyIFbd2gHC1lAuij+6U5jRkQ4eDZCAE/g==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:15:22 GMT

GET
H2 200 wFDi4gNQG6i.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame B56F 335 KB
73 KB 56ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/wFDi4gNQG6i.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1519f65f0646c7ec878163cb3a7034c6db155f9243ae1208e3b3ad3bbd5ad503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +o34IKUMS7CgN5ozA9WUtw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74026
x-fb-rlafr: 0
x-fb-debug: ZSsVcyfaAdUk9J4ynAHGoF+Pt2xzAjWnjIoScLT45i6JChvY157JADNHrs516gdSQt8uMKdkTxgLw+sNJP+vhg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:16:06 GMT

GET
H2 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame B56F 840 B
552 B 56ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: TYenOT9QPLeWTxgZuI5mg3Llw+WkGZ9uwoba+oBb6El5SYvVAfDLVXBQRuDOuMjjkn8WgKn1wSIwsCB8aWqE4g==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 04 Apr 2024 17:51:45 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 557ms
556ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame D0AC 575 B
642 B 223ms
55ms Script
text/html 2600:9000:2250:a800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:55:20 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 444
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: 3BUfKReSAdfNgoplemnqzTDBJ3aAD_mxObORfAewAw9zxAL9XtGE_w==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 400C 905 B
732 B 217ms
56ms Script
text/html 2600:9000:2250:a800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ed74e72b416728f59f50d31d28e49a600686f2305a5e01b9345f7ca614101b63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:55:21 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 444
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: Eumy_FBU61ORqhsALs9J1SigiPiYNM8ICVlfBiPPNvbUhrX21FNL8A==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 7BA9 756 B
690 B 213ms
56ms Script
text/html 2600:9000:2250:a800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ede20041bf104095302e63753987b35d2b4bd8c1761ca246df8d7350385de315

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:55:20 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 444
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: 8V7ybx814mfkoKizjNUC6nvTKmYI3ou2ou3z0Tdg23MDEr4bS7bgVA==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 017F 7 KB
1 KB 179ms
54ms Script
text/html 2600:9000:2250:a800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:55:20 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 444
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: n_r9srx7H_bkRCWGKNss7PrP19-YsBFn2nQoKqm9ilInFpVeQsN6tA==

GET
H3 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame B56F 94 KB
23 KB 311ms
311ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19462.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007321679&__s=%3A%3Acjhesf&__hsi=7222184060587890387&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__csr=&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/Pv0iK0zPy4O.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fcc716cd9110cf477d307f10de6d00ee25564b57e20358dfbf840d66777dae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: Cs9mNAzMZA-UcZIam_vpW3
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 08:02:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: T97Xx5zOW53b5AVPc/PedTY3E27FqZXCG1+EAUHsxc9EjW2UjaZI8G4F2i15IjBRDEBh5DqtDFBy0NSn7t8Wtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame B56F 907 B
561 B 87ms
86ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/Pv0iK0zPy4O.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

442127ff92b9afa98ca1f3264d2ca4ddc545e2635decf858e4c48858dc68415c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: Cs9mNAzMZA-UcZIam_vpW3
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 08:02:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: OzuNmsDzLKBAW4TF86SuByZCaGL4d8tc195SB3422wy15dDK+VYrs6LqhUcOKnyClsjTCyz9jA+mY3gIZi64UA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame B56F 907 B
552 B 80ms
80ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/Pv0iK0zPy4O.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29762c5984fb769db5ff800c2ce7d754beb23cf7af0381f49fff41ca890e5c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: Cs9mNAzMZA-UcZIam_vpW3
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 08:02:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ahrqGcLdOnxKm81boJfyND3roZtaYaSSb2+g2DDZadSvnwudbTyd7K2TzQj7z7kakf9AIEjMa+OAG6JjzOcqbw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame B56F 12 KB
12 KB 44ms
42ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: 9hJqboyO1w1Xn+ZqVQWewFSBXUBYXPUONAB0bMmOt1034YHpNk2N9zYc9i34rxKtvkcDuLosq9KGwii8WHwDSA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Apr 2024 04:35:13 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame B56F 1 KB
1 KB 52ms
51ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: kyYAmHjwzwGokWo+M+bC1FUFj+Bd3Tfo4rekuwIwlJnlF24RMmWv0Ij2TsBHyeNscJtj0kVLGjJRh0cvL6c4Hw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Apr 2024 02:54:25 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 017F 2 KB
1 KB 346ms
345ms Script
text/html 54.238.32.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=736&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.32.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-32-19.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5df3a45af91ee67a151112369a6db71f4bf8e325df9abd37e41ea313051fff64

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 017F 6 KB
7 KB 44ms
43ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: lsUCSJJiHzZ.l3kqzr7xEkgy8qV8KR3d
date: Sat, 15 Apr 2023 08:02:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 23
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: KXTfkpTgJkOXtXnGJoa1hYvZA1-ZAfJD91JCvBg70Pg8o13v838U1g==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame D0AC 2 KB
998 B 313ms
311ms Script
text/html 54.238.32.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=272&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.32.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-32-19.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9c5a759af3c08b42ee54d6bfb13feb6767cc9f50a5965379730ebee12aef8dae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame D0AC 3 KB
3 KB 45ms
43ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DlDm2.RaHqnwd1PNmY0dNCVp5YdFVv6_
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: tOjGMIc1v9e1jVKVXt5CHLCdRE85uvIO0tzaTQ_EPR1o6IrpvuEA0w==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame D0AC 3 KB
3 KB 45ms
44ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: bBaDhinVDm2bQtBAHs6w8Ot0TdmtaBTy
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: BBw1FOD2KuqFPsXLdBPDK_gwWEjOyuiyNChdXZ5BZS_wW3JM5_7M3A==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 400C 2 KB
1 KB 335ms
335ms Script
text/html 54.238.32.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=780&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.32.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-32-19.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 78f206bea7c7aa00a992e632c5028ad9fee2d98df6eedaa91c6c76916c92b930

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 400C 3 KB
3 KB 45ms
44ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DlDm2.RaHqnwd1PNmY0dNCVp5YdFVv6_
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: -n90zuW47AzuDtwKW7C9xUar3CejLy22UkG-TgC7Vv4TPYsw5TqyWg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 400C 121 KB
40 KB 167ms
43ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:02:45 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 400C 2 KB
3 KB 58ms
54ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: PY2bcG6xDpnYGIi3HqgNZW1F0xtNtFx9
date: Sat, 15 Apr 2023 08:02:02 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:02:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 43
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: OK5bM6JS_iqpW6tgBaUM4XaJLgZx5ZU13V44LSOIIL6sMIkh-C_oAQ==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 400C 4 KB
5 KB 53ms
50ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: boIKRsKmKdtT.J77QHrBLe19jkz7V0u.
date: Sat, 15 Apr 2023 08:02:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 23
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: 2Z-Aq6el-jRgWK2F9FWo3gU0frC5NXuzpNbFqHy7IEOYgB4_XfLEWg==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 400C 3 KB
3 KB 46ms
43ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: bBaDhinVDm2bQtBAHs6w8Ot0TdmtaBTy
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: JNGWhA91RCrZTYL20yTRg47wbFs8po9ybba-J0KgGjF3NxtqASRatQ==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 400C 6 KB
7 KB 49ms
46ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: lsUCSJJiHzZ.l3kqzr7xEkgy8qV8KR3d
date: Sat, 15 Apr 2023 08:02:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 23
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: gXrUOLNYPqAVS6k5ByKR-IwR5RxwKuBoVC6kFmXyvfQNq9aUshCgNg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 7BA9 2 KB
1 KB 321ms
310ms Script
text/html 54.238.32.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=241&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.32.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-32-19.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 547cd958005e974f43a58fefabb897bb8d6248172655b946b4a8450b040ad34f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 7BA9 3 KB
3 KB 69ms
58ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DlDm2.RaHqnwd1PNmY0dNCVp5YdFVv6_
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: AKwmLsl6T2xoAZqKVi6CPFn-eFMUDDvVtbwGu21iIHA3P6Hmlwgh3Q==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 7BA9 121 KB
40 KB 223ms
111ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:02:45 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 7BA9 2 KB
3 KB 70ms
59ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: PY2bcG6xDpnYGIi3HqgNZW1F0xtNtFx9
date: Sat, 15 Apr 2023 08:02:02 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:02:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 43
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: YW0FodMklic8o25Mj2auaGlTbIAvh5Bp82oI0fmVhs8RrcT-TRITng==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 7BA9 4 KB
5 KB 70ms
60ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: boIKRsKmKdtT.J77QHrBLe19jkz7V0u.
date: Sat, 15 Apr 2023 08:02:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 23
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: KfHCPMa5lJEUbpVTCUTQ9ZbrVNj3U3XaYohEpBJzfbV2B448d5NiYg==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 7BA9 3 KB
3 KB 72ms
62ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: bBaDhinVDm2bQtBAHs6w8Ot0TdmtaBTy
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: Y9O6oS6Z9Xd2fgh5LAautClHgdi4vLpCEZUSQdcwkNz9sTwKZtgmpg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 7BA9 6 KB
7 KB 73ms
63ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: lsUCSJJiHzZ.l3kqzr7xEkgy8qV8KR3d
date: Sat, 15 Apr 2023 08:02:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 23
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: ftQnxOIU_FScEMQD-rHRqwbnUJ1LBBRwu3nF_8P1UJYLGrvnijp4aw==

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame B56F 198 B
254 B 76ms
68ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: cZ8NemRG6w5XSWjxZgvB/CuUJmkZw7rkKTfOqkuAdNMYRobxbUPTgJkYZOtyeB/I/1txkQmjjz20lVld0LZDKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 11 Apr 2024 03:31:38 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 262ms
261ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=5f55589a-f605-48a4-ba3f-e32c0a1ae6a0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net/ 0
79 B 931ms
251ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net/pixel?bd=5f55589a-f605-48a4-ba3f-e32c0a1ae6a0&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 6256 36 B
407 B 283ms
282ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

d459b34eec6a83a1e53ff68dd5851a69c815d2cf65ddffd485146554ff7d0b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 017F
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=qhaOfnMBCKOiuyEHJ1o6ZA

2 B
139 B

358ms
358ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=qhaOfnMBCKOiuyEHJ1o6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 08:02:47 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=qhaOfnMBCKOiuyEHJ1o6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame D0AC 0
170 B 191ms
190ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:45 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame D0AC
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=PUo5Kb5kCpSKfmKdJ1o6ZA

2 B
168 B

298ms
297ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=PUo5Kb5kCpSKfmKdJ1o6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 08:02:47 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=PUo5Kb5kCpSKfmKdJ1o6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 400C 0
170 B 189ms
189ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:45 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 400C
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=eyIGRMHRBp2QZ-2qJ1o6ZA

2 B
20 B

294ms
287ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=eyIGRMHRBp2QZ-2qJ1o6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 08:02:47 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=eyIGRMHRBp2QZ-2qJ1o6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 400C
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=SwogX-UOCLmzD3OHJ1o6ZA

2 B
20 B

300ms
283ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=SwogX-UOCLmzD3OHJ1o6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 08:02:47 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=SwogX-UOCLmzD3OHJ1o6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 400C 2 KB
2 KB 469ms
265ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7776064361996176
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8c2fd950860d45adb238c744ab88a5dc75e5839570892bae7d5018a90d362112

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1471

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7BA9 0
170 B 213ms
212ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:45 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 7BA9 2 KB
2 KB 468ms
263ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.30588556720662674
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a593bbfcf303c189efef1732001627d2d35c7a59a94e2ee2664eadde2009f085

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:03:14 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1339

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 7BA9 2 KB
2 KB 598ms
257ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9763891751298321
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d9d7fb5968a3bacb10628d22777bab96403b87022154cd9d7131d4cde84663cf

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:46 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1429

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 7BA9
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA

2 B
20 B

308ms
278ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 08:02:47 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 7BA9
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=22jdN95PBeaJ4iPrJ1o6ZA

2 B
20 B

340ms
339ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=22jdN95PBeaJ4iPrJ1o6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 08:02:47 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=22jdN95PBeaJ4iPrJ1o6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET /
www.facebook.com/login/ Frame B56F 0
0

GET
H3 200 /
www.facebook.com/login/ Frame B56F 0
0 159ms
158ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 15 Apr 2023 08:02:45 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 6dC0Ow29yV5jqnixrCUzGimNxtcKWFZi1qHuKDjJOhnyupa+KvDnIcCpXWoJ8tVHHbrE5GuaN5fczCmmjkENjQ==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 017F 5 KB
3 KB 252ms
251ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 08:12:46 GMT

GET
DATA 200
OK truncated
/ Frame B56F 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET WjYd8lGD6w4.css
static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/ Frame B56F 0
0

GET TX1Q2Opl48R.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame B56F 0
0

GET V8jK12UmQ6C.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame B56F 0
0

GET ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame B56F 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame D0AC 5 KB
3 KB 317ms
292ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 08:12:46 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 400C 5 KB
3 KB 342ms
328ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 08:12:46 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 7BA9 5 KB
3 KB 450ms
447ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 08:12:46 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 400C 20 B
307 B 73ms
73ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=10075059176

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

POST bz
www.facebook.com/ajax/ Frame B56F 0
0

GET
H2

200

rec.js Show response
img.scupio.com/js/ Frame 4FEF
Redirect Chain

https://rec.scupio.com/recweb/js/rec.js
https://img.scupio.com/js/rec.js

21 KB
8 KB

53ms
39ms

Script
application/javascript

18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/rec.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:58:46 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Tue, 27 Dec 2022 03:54:11 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 248
etag: W/"63aa6c63-54dc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: QoO6j_FXhD--tpne1E5bldbs0ZaFY8rNamGoJV7abHfSt_8S_i0M4w==
expires: Sat, 15 Apr 2023 10:58:39 GMT

Redirect headers

Location: https://img.scupio.com/js/rec.js
Date: Sat, 15 Apr 2023 08:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 155
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 356B 2 KB
2 KB 1275ms
256ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.11506332070024516
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: de7d92d7d63b41537a3ba46cd668dc7bf1422f88cb9d60831292dd6284cff872

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:46 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1476

POST
H2 204 events
bidder.criteo.com/csm/ Frame 400C 0
209 B 45ms
39ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 356B 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7BA9 20 B
307 B 47ms
42ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=13557265780

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7BA9 20 B
307 B 44ms
43ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=42367677786

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

GET
H2

200

rec.js Show response
img.scupio.com/js/ Frame 1CA3
Redirect Chain

https://rec.scupio.com/recweb/js/rec.js
https://img.scupio.com/js/rec.js

21 KB
8 KB

43ms
33ms

Script
application/javascript

18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/rec.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:58:46 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Tue, 27 Dec 2022 03:54:11 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 248
etag: W/"63aa6c63-54dc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: DpK8BMmPEhb_OsHw8PvcAjNI6fgWVtQmHCZSN1Tp3HKPh2GFUfodpw==
expires: Sat, 15 Apr 2023 10:58:39 GMT

Redirect headers

Location: https://img.scupio.com/js/rec.js
Date: Sat, 15 Apr 2023 08:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 155
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 62D6 2 KB
2 KB 1299ms
264ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.2687245422886817
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dfab0f349de699da3786f2e4653874de689f80d5aaf0d57b61df5933d2fd09ff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1476

GET
DATA 200
OK truncated
/ Frame 62D6 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame D0AC 10 KB
11 KB 58ms
57ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=272&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 54
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 0qq1no_K2hjbQsOCnZ1fHmB8FxfVc-BGgcgMvEJJoLj2ccpP_OBHbg==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 400C 10 KB
11 KB 56ms
56ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=780&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 54
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: v8Ra_Z7AmAaM--dy3EfCc3VntVMYeOijN3Ox7LrPdA2AYj8FgHPyzQ==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 017F 10 KB
11 KB 56ms
55ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=736&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 54
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: iAqdB4az1KP8Ao_sHhxa6PwyNmw_XPo0V2milx6b68gE4k9CiQSWtw==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 7BA9 10 KB
11 KB 55ms
54ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=241&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 54
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: IR-GtKlcx4snS9mY2409Lyh8yp7HEF4rd5ea0r52YiR0LKWsB-mOuQ==

POST
H2 204 events
bidder.criteo.com/csm/ Frame 7BA9 0
209 B 45ms
45ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 017F 36 B
400 B 254ms
254ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

d459b34eec6a83a1e53ff68dd5851a69c815d2cf65ddffd485146554ff7d0b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ Frame 7BA9 0
209 B 38ms
38ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 08:02:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 356B 87 KB
28 KB 42ms
42ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:02:46 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AAD0 15 KB
6 KB 281ms
39ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 433791
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 356B 87 KB
28 KB 144ms
70ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:02:46 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 62D6 87 KB
28 KB 55ms
55ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:02:46 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 017F 0
187 B 259ms
258ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&mp=5f55589a-f605-48a4-ba3f-e32c0a1ae6a0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net/ Frame 017F 0
79 B 251ms
250ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net/pixel?bd=5f55589a-f605-48a4-ba3f-e32c0a1ae6a0&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C461 15 KB
6 KB 156ms
54ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 370993
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 62D6 87 KB
28 KB 47ms
46ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:02:46 GMT

GET
H2 200 pixel
5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net/ Frame 400C 0
79 B 251ms
251ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net/pixel?bd=5f55589a-f605-48a4-ba3f-e32c0a1ae6a0&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 400C 0
187 B 254ms
253ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&mp=5f55589a-f605-48a4-ba3f-e32c0a1ae6a0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 9695 17 KB
18 KB 988ms
983ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DUhNY4EFxx.4ZxHOJWw5a1tFjsqena_.
date: Sat, 15 Apr 2023 08:02:48 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "6c37b2eb5706a6225b62a75a80493f4a"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17750
x-amz-cf-id: SUpu_rtbzTxjiJTXeZ4GZc5KAk8mp1QYq1D-5FGIi_xtRiUaI3EJjA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3B17 77 KB
26 KB 230ms
88ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b1e06fb6e4b94d0ad33efe050dee671013dd1e6a3f7ef2a0bba591e7e2fad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25623
x-xss-protection: 0
server: cafe
etag: 182 / 19462 / 31073818 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 08:02:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C879 77 KB
25 KB 313ms
196ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

882a26a77810c5cb733f85af6e85bbf7f72c5bc69034c42efe2c9708e81e5256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25620
x-xss-protection: 0
server: cafe
etag: 793 / 19462 / m202304110101 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 08:02:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0F8F 77 KB
25 KB 306ms
228ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

742d1513a69799f4b009e30a6b4b1623158976f4c8cf448d42e0c05202e70801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25676
x-xss-protection: 0
server: cafe
etag: 284 / 19462 / 31073819 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 08:02:47 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame AAD0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=30Jm5Xxsd01xOUVJRWlUcjcva1B6TGZuazZoM0VQczBoK2c5WHl0S05xanpmb3ZXWGN0U1VRSk1LODg2cUMyZEQvV3VZMzQ2bGhVS004ZXE5eUFUSDdLMGEyZTVrZk54aWdWb1BzczRwa1dqV2RGZlgwdjZYY3NOTUdUM0...

441 B
656 B

190ms
45ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=30Jm5Xxsd01xOUVJRWlUcjcva1B6TGZuazZoM0VQczBoK2c5WHl0S05xanpmb3ZXWGN0U1VRSk1LODg2cUMyZEQvV3VZMzQ2bGhVS004ZXE5eUFUSDdLMGEyZTVrZk54aWdWb1BzczRwa1dqV2RGZlgwdjZYY3NOTUdUM0lxc0hJQWRxRk5pRUlWcWR4dkloY3lHSmhUK0V5TUxtK3QrTUJHR2d1NncwN2YrbUlyOElBYjFNTEs1K056VEZUQ3NpUnQ0YStqV21YZzhQL2hlaHM0M3R4VWNxUEJLU1p0cUlYbDlIQ2VtQUhNb2oxSktWbExwMjdPMDFWQzAvdVhVazY3Z0QzcENlQ29mbUFzMlhXRUNWUkt5eC9SQ3N4OTlST0s5TGZTNllVbnpudUNLND18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4b383e49691c63fe7f83c57534dd9bf79d8630e67cc5bc91e4d81ba7dcd5e682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1638733
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=30Jm5Xxsd01xOUVJRWlUcjcva1B6TGZuazZoM0VQczBoK2c5WHl0S05xanpmb3ZXWGN0U1VRSk1LODg2cUMyZEQvV3VZMzQ2bGhVS004ZXE5eUFUSDdLMGEyZTVrZk54aWdWb1BzczRwa1dqV2RGZlgwdjZYY3NOTUdUM0lxc0hJQWRxRk5pRUlWcWR4dkloY3lHSmhUK0V5TUxtK3QrTUJHR2d1NncwN2YrbUlyOElBYjFNTEs1K056VEZUQ3NpUnQ0YStqV21YZzhQL2hlaHM0M3R4VWNxUEJLU1p0cUlYbDlIQ2VtQUhNb2oxSktWbExwMjdPMDFWQzAvdVhVazY3Z0QzcENlQ29mbUFzMlhXRUNWUkt5eC9SQ3N4OTlST0s5TGZTNllVbnpudUNLND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 348144
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame C461
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=AYBgj3x1dXJFRFg2NnlpTDg1NlBsVlpHOE93TlVqZGFHYThvRENnc3daZTgzN0RNa3VtN3o3MUFydTRCWi9NaGZXNU0yUWNRREg4NjIwR08vTlRMWFo3Q3hZZFRoRU1LakJ5MDRqVXc5UWlPUGRZNS8rd0s2eDA4Rjdtbz...

435 B
648 B

185ms
49ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AYBgj3x1dXJFRFg2NnlpTDg1NlBsVlpHOE93TlVqZGFHYThvRENnc3daZTgzN0RNa3VtN3o3MUFydTRCWi9NaGZXNU0yUWNRREg4NjIwR08vTlRMWFo3Q3hZZFRoRU1LakJ5MDRqVXc5UWlPUGRZNS8rd0s2eDA4RjdtbzVIdzkyZlVoMklCeDdqc3dOdWNER1dYcXQ5ZTVvUTRseG8vTU42Q2IrdWFmQ0xvT2VoaFdMTnYrU2Q2cUcvNzloekhHWUU0eExxRWlqZ29mMXNHQlJlWERpMzFzem9hRTlBRDlHdTF1QTZuMFNYTnFWcXlmMmlTMk5FTGFjK0dURHZaS2ZLdmNJU01EeHlnTU9QU25GRDlZbTFnK0UrTnArdXdML0J6L3FydjVEUitQdDBKQT18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2e8f19520d5efc75af7c9dc665bf0e77dc450a66dd2ee9ec6aabfaf2f242f103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1600875
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=AYBgj3x1dXJFRFg2NnlpTDg1NlBsVlpHOE93TlVqZGFHYThvRENnc3daZTgzN0RNa3VtN3o3MUFydTRCWi9NaGZXNU0yUWNRREg4NjIwR08vTlRMWFo3Q3hZZFRoRU1LakJ5MDRqVXc5UWlPUGRZNS8rd0s2eDA4RjdtbzVIdzkyZlVoMklCeDdqc3dOdWNER1dYcXQ5ZTVvUTRseG8vTU42Q2IrdWFmQ0xvT2VoaFdMTnYrU2Q2cUcvNzloekhHWUU0eExxRWlqZ29mMXNHQlJlWERpMzFzem9hRTlBRDlHdTF1QTZuMFNYTnFWcXlmMmlTMk5FTGFjK0dURHZaS2ZLdmNJU01EeHlnTU9QU25GRDlZbTFnK0UrTnArdXdML0J6L3FydjVEUitQdDBKQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 386521
content-length: 0
expires: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ Frame 3B17 400 KB
124 KB 95ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44514
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126862
x-xss-protection: 0
server: cafe
etag: 16869941564567738629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 19:40:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 3B17 530 B
290 B 369ms
247ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c2bf10bca31e2a83cedd1d0b0766ced230ffa5f82bacc5338fe1c84efc4747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
expires: Sat, 15 Apr 2023 08:02:47 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ Frame C879 400 KB
124 KB 87ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 15:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58047
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126862
x-xss-protection: 0
server: cafe
etag: 16869941564567738629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 15:55:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame C879 536 B
297 B 126ms
74ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

021734744894954c8b67206462926a1c51671066849ffd0c3a52e02bd3d3dac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
expires: Sat, 15 Apr 2023 08:02:47 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/ Frame 0F8F 401 KB
124 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62792
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127166
x-xss-protection: 0
server: cafe
etag: 9041812995692956310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 14:36:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0F8F 530 B
290 B 264ms
260ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c2bf10bca31e2a83cedd1d0b0766ced230ffa5f82bacc5338fe1c84efc4747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
expires: Sat, 15 Apr 2023 08:02:47 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 1E74 1 KB
1 KB 68ms
42ms Document
text/html 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 764
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:51:19 GMT
etag: W/"583295c9-4dc"
expires: Sat, 22 Apr 2023 07:50:03 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
x-amz-cf-id: NCPraAVcVoisEDsVQ4_wUfovZv8-xcTglNDFYHHgGyottMV5rIQYbA==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame D4B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0pBMjAyMzA0MTUxNjAyNDc0OTA0NTg%3d&layout=js
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q0pBMjAyMzA0MTUxNjAyNDc0OTA0NTg%3D&layout=js&google_tc=
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEF0ZGm8llsY-RAP72PkjkUg&google_cver=1&google_ula=3918219,0

0
550 B

255ms
254ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEF0ZGm8llsY-RAP72PkjkUg&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 08:02:47 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEF0ZGm8llsY-RAP72PkjkUg&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8C06
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

163ms
58ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Apr 2023 08:02:47 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 15 Apr 2023 08:02:47 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame D4B8 0
15 B 76ms
55ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1681545767551&cd[SBST]=17&cd[PuID]=reurl

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Apr 2023 08:02:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame D4B8 35 B
413 B 523ms
133ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CJA20230415160247490458
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 08:02:48 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 69D5 1 KB
1 KB 36ms
36ms Document
text/html 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 764
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:51:19 GMT
etag: W/"583295c9-4dc"
expires: Sat, 22 Apr 2023 07:50:03 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
x-amz-cf-id: 2OcbgqjIbIMVpBPWqHQF0Xr8yebfaWDJmEhzIEfo_cMDced-uk_fSg==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame E937
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1ZBMjAyMzA0MTUxNjAyNDc4MzY0Ng%3d%3d&layout=js
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1ZBMjAyMzA0MTUxNjAyNDc4MzY0Ng%3D%3D&layout=js&google_tc=
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPzMrEnCLu0UYCD2Nc7isD0&google_cver=1&google_ula=3918219,0

0
550 B

255ms
254ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPzMrEnCLu0UYCD2Nc7isD0&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 08:02:47 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPzMrEnCLu0UYCD2Nc7isD0&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5212
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

242ms
138ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Apr 2023 08:02:47 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 15 Apr 2023 08:02:47 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame E937 0
15 B 45ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Apr 2023 08:02:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame E937 35 B
413 B 438ms
119ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CVA2023041516024783646
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 08:02:48 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 3B17 107 B
531 B 193ms
53ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3B17 107 B
456 B 145ms
49ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3B17 43 KB
10 KB 384ms
383ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3366920964606225&correlator=4493622571421275&eid=31073818%2C31073832%2C31073837&output=ldjh&gdfp_req=1&vrg=202304110101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1254560718&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681545767833&lmt=1681545767&dlt=1681545767010&idt=719&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=pu06e0mckgcn&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Freurl.cc%2FMRLnD&ref=https%3A%2F%2Freurl.cc%2FMRLnD&top=https%3A%2F%2Freurl.cc%2FMRLnD&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1881927675.1681545764&ga_sid=1681545768&ga_hid=1080782791&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

193a876092e67555e41956395a88a74415e8e9b88ce2a7a514abf1161c662a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10536
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3B17 15 KB
12 KB 195ms
99ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2151d74d56dcf4de7ed409453be46b71759b4322a906b96074e0c3e0c4601a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11451
x-xss-protection: 0

GET
H2 200 container.html
a7a1674dc4c1e15bcd4582a4bca6c9b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F5CA 6 KB
0 214ms
56ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7a1674dc4c1e15bcd4582a4bca6c9b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:48 GMT
expires: Sun, 14 Apr 2024 08:02:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 0F8F 107 B
165 B 57ms
57ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0F8F 107 B
165 B 54ms
53ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0F8F 48 KB
12 KB 436ms
436ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3929259166306693&correlator=3726062488114677&eid=31073320%2C31073819&output=ldjh&gdfp_req=1&vrg=202304120101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=129673690&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681545767945&lmt=1681545767&dlt=1681545767058&idt=834&adxs=315&adys=610&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=56kyxhckdwns&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Freurl.cc%2FMRLnD&ref=https%3A%2F%2Freurl.cc%2FMRLnD&top=https%3A%2F%2Freurl.cc%2FMRLnD&frm=23&vis=1&psz=970x90&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1881927675.1681545764&ga_sid=1681545768&ga_hid=1156934815&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b160538fdb7b762b907085bbad34368c2f30d0104cedda16681a32e86f18585b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11891
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0F8F 15 KB
11 KB 103ms
102ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe3ee879c22ede0f328f9ca9d324c877c184d0319ba005979c8c2063d4db14e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11257
x-xss-protection: 0

GET
H2 200 container.html Show response
ff4f0d2892eebc3b05e0b2b8903afd19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E72 6 KB
3 KB 187ms
47ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ff4f0d2892eebc3b05e0b2b8903afd19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:48 GMT
expires: Sun, 14 Apr 2024 08:02:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame C879 107 B
165 B 70ms
51ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C879 107 B
122 B 71ms
53ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C879 53 KB
12 KB 383ms
382ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2833215237799560&correlator=2096287188999127&eid=44777897&output=ldjh&gdfp_req=1&vrg=202304110101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100%7C320x100%7C320x50&ifi=1&adks=2995874615&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681545768110&lmt=1681545768&dlt=1681545767040&idt=945&adxs=640&adys=364&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=s1cclvkc5wwo&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Freurl.cc%2FMRLnD&ref=https%3A%2F%2Freurl.cc%2FMRLnD&top=https%3A%2F%2Freurl.cc%2FMRLnD&frm=23&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1881927675.1681545764&ga_sid=1681545768&ga_hid=1524970508&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4167cd99f0223bdfa47718aab408f00f4dd139badac76370615e57eca8c14d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12400
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C879 14 KB
11 KB 99ms
92ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db32dfe1ba53feecef2bfb397dbdb5788d211a37aeabc18a8f9dbad5aafed92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11152
x-xss-protection: 0

GET
H2 200 container.html Show response
7457cbdadf303cf3663357f1daae2933.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D4F 6 KB
3 KB 77ms
52ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7457cbdadf303cf3663357f1daae2933.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:48 GMT
expires: Sun, 14 Apr 2024 08:02:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8C06 34 KB
10 KB 86ms
85ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d8bd25441bf08a5a7859480e5e329e2fa8516ea74f69c8f0aa89f815406aedfb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 08:02:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2023 19:04:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39688
Connection: keep-alive
Content-Length: 10019
Expires: Sat, 15 Apr 2023 19:04:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 4FEF 93 KB
33 KB 51ms
46ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 14:19:11 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5212 34 KB
10 KB 68ms
65ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d8bd25441bf08a5a7859480e5e329e2fa8516ea74f69c8f0aa89f815406aedfb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 08:02:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2023 19:04:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39688
Connection: keep-alive
Content-Length: 10019
Expires: Sat, 15 Apr 2023 19:04:16 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3B17 17 KB
7 KB 177ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 08:02:48 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 1CA3 93 KB
33 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 14:19:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame F8CC 222 KB
61 KB 206ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 04:12:57 GMT
age: 13791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 04:12:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame F8CC 15 KB
5 KB 304ms
143ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 08:40:45 GMT
age: 170523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 08:40:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame F8CC 94 KB
28 KB 272ms
113ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 14 Apr 2023 15:45:22 GMT
age: 58646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 13 Apr 2024 15:45:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame F8CC 5 KB
2 KB 300ms
142ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 05:36:31 GMT
age: 8777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 05:36:31 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame F8CC 40 KB
13 KB 292ms
135ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 00:05:40 GMT
age: 28628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 00:05:40 GMT

GET
DATA 200
OK truncated
/ Frame F8CC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e418e28557b7b12cbd37393c9cfd6ad8c403aa867b3e94bb1c3aadec8f99577

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 12266324734467488730
tpc.googlesyndication.com/simgad/ Frame F8CC 35 KB
36 KB 40ms
40ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12266324734467488730?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmzM1Pibqwrer3jHHlJWmubSykRbg

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f32dd6772efa0d77a8dbc73cadd09b1bb16d02911160f7291a97bfc5846eb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:23:47 GMT
x-content-type-options: nosniff
age: 340741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36249
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 09:08:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 09:23:47 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F8CC 3 KB
4 KB 81ms
80ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:06:25 GMT
x-content-type-options: nosniff
server: cafe
age: 50183
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 18:06:25 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F8CC 344 B
449 B 85ms
85ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 81690
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 09:21:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F8CC 0
0 52ms
49ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRo_icmCTCTXQH_qu1WpjLnP76OYHbH4Kl5QHU4suypvKI3-Ia4LTmL_yp6FmaD8cKkJbXNCOsIe9ESn7Jk6T1e4xbBvw
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F8CC 0
0 85ms
84ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6j_OJ1o6ZJDSN5StlgSmyproCK7w7_9v2N7K-M8R2tkeEAEg0syBGmC7BqAB5c6B6ALIAQKpAsqalHyiuWs-4AIAqAMByAMIqgTOAU_QQxWnVsX4wn2V0r212capbjJij0WbVp-soQXGGXUhI9VVzYvbO9A1TMQMcrg9yrLXSP29oyKM1c8gXJ3xpD0cslid8fJBgeUpwZH7K3eShZWW19MWKP20yz7f7eq5F81spwvS0zEEmdxOAYYpQSG37bZD-8BrcI8TcjUUBpwtSBT0HXiWzRjWPOZX8N0C33cC3r2SDrXJZoDd8XKcJbzoMJ95OfhZLmz7o4IFPAmghekDoZKjBABeUHvyeF5jkv7dL37sXxnyy63Rqp7XwASc98-tqgTgBAGSBQQIBBgBkgUECAUYBKAGAoAHs7PqpgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCj9ATSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=SzKroHcuaXk&uach_m=[UACH]&cid=CAQSOwBygQiDGxkVAsYshrECsVgjhUGiepL1aLT9dme2o_-OR-gEHUmjaN6Iih-7IoJcRb8VLV55M1pKgXRmGAE
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F8F 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 08:02:48 GMT

GET
H2 200 create Show response
referer-log.holmesmind.com/api/v1/kinesis/ Frame 9695 51 B
260 B 307ms
304ms Fetch
application/json 52.69.218.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13857&domain=reurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.69.218.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-69-218-118.ap-northeast-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame EA8E 7 KB
8 KB 45ms
44ms Document
text/html 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 28
content-length: 7381
content-type: text/html
date: Sat, 15 Apr 2023 08:02:21 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Thu, 13 Apr 2023 07:03:38 GMT
server: AmazonS3
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id: w84qN5urYVq7xnGiyMSXraQvehOubgqWIPfOHkeuJSf0x57SzNiQIA==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: dx1zZGj7kM5P2QQxgaZZkMgXwhIKv6rf
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 9695 662 B
1 KB 48ms
42ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: NKk4DvuerUEJSZO2Q_zQvbJHzZhMaWpl
date: Sat, 15 Apr 2023 08:01:56 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 57
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: LJLvmZketczJcVXDn5d0zOO8oyqgLwy7OHngdg-wdGRWyU4O6O_6fA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 2ECC 15 KB
16 KB 45ms
45ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 08:02:44 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 4
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: atRRY1WkOQf-VbtfYbLOyGJ6zKhqUiLaL1A2uh82FgS2xqnHcQbREg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C879 17 KB
6 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 08:02:48 GMT

GET
H2 200 jquery.min.js Show response
img.scupio.com/js/ Frame 4FEF 93 KB
37 KB 39ms
37ms Script
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/jquery.min.js
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:59:48 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Jun 2016 02:46:48 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 205
etag: W/"57578718-17277"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: e72hOHIMDnfonYdE6MfHxH8O3mFpOh9LKa5jn8gfmmY4i8PqXCfYzA==
expires: Sun, 14 Apr 2024 07:59:23 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8C06 284 B
536 B 246ms
42ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5212 284 B
536 B 232ms
43ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 jquery.min.js Show response
img.scupio.com/js/ Frame 1CA3 93 KB
37 KB 35ms
34ms Script
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/jquery.min.js
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:59:48 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Jun 2016 02:46:48 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 205
etag: W/"57578718-17277"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: eSaU4eULZRPA4iXWFzS-ZUTymkX6aPbZ63yfxA9wkf5dIDvqbD0bfw==
expires: Sun, 14 Apr 2024 07:59:23 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame 7A2D 222 KB
60 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 04:12:57 GMT
age: 13791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 04:12:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 7A2D 15 KB
5 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 08:40:45 GMT
age: 170523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 08:40:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 7A2D 94 KB
28 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 14 Apr 2023 15:45:22 GMT
age: 58646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 13 Apr 2024 15:45:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 7A2D 5 KB
2 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 05:36:31 GMT
age: 8777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 05:36:31 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 7A2D 40 KB
13 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 00:05:40 GMT
age: 28628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 00:05:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7A2D 8 KB
1 KB 160ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:12:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 08:02:48 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7A2D 3 KB
3 KB 45ms
44ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:06:25 GMT
x-content-type-options: nosniff
server: cafe
age: 50183
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 18:06:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7A2D 344 B
368 B 44ms
44ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 81690
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 09:21:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7A2D 0
0 77ms
72ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4qx3FMbO5B1r9f1u-UnaSWkfEqT4v8fTjmiFRZty4W_x1YjLzwYiU-lImIALtOoKJSUF-PiU3BDgaQJ8ErG1NXxtfKw
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7A2D 0
0 101ms
96ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKquEKFo6ZKJ0p4H1-A-DvImYA9qt-qlv76mc2fYKg72f3_gXEAEg0syBGmC7BqAB3qLXowPIAQGpAkVAV69j07Q-4AIAqAMByAMKqgTLAU_QeDVdUay7wJjh6vPxxk-3ZuSaIVc66lsyecvLdET3pDB4PtkpxbaAQOFYCJrFhLH2ljh4IzBIwco60I2dA1sWffaMy03OOZ3JzCn8k24U9HELHQZogUiwB0yehE-b0PykOgMOlcZOONoyjHVp_1HPBzv692bwS7zFMK87gH30v5TPCrNiF1qzuitBvaZfsaULw58k-rpj6WNpx_nQVTPsqzrLltGOSQJn1aQ5VEfpPOvlVgHmfIELYTMVWof_sspa63mYb0kyAO_OwASFnZKVnwHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHit2oXKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPaoEtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMMiBQE0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=YiKPJzS8uCQ&uach_m=[UACH]&cid=CAQSOwBygQiDWZLvuVsYjdDy-k5lxbhHu0gCNXSIeCVbF7HJicljFhqExHPhrloO7YpMj64oFRWlGfu9t9MpGAE
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7A2D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa8f232578208fd0ea85cc9f68afab659939aeb06f53f44093fc1ee4d7a71320

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame C481 1 KB
1 KB 75ms
35ms Document
text/html 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=52
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1314
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:42:55 GMT
etag: W/"583295c9-4dc"
expires: Sat, 22 Apr 2023 07:40:54 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
x-amz-cf-id: D9avay4cvCxTUNCymYFdqD_JZT5Mwx1IXsvSyK3ydVl3jK5ZQd5L6A==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ Frame 4FEF 3 KB
2 KB 283ms
257ms XHR
text/javascript 210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.07410743796367214
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c20bb27c602be9c2009b660be854017df8fa65505ad0116251c71f9be66bb5c8

Request headers

Accept: */*
Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:48 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1771

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame 1123 222 KB
60 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 04:12:57 GMT
age: 13791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 04:12:57 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 1123 15 KB
5 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 08:40:45 GMT
age: 170523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 08:40:45 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 1123 94 KB
28 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 14 Apr 2023 15:45:22 GMT
age: 58646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 13 Apr 2024 15:45:22 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 1123 5 KB
2 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 05:36:31 GMT
age: 8777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 05:36:31 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 1123 40 KB
13 KB 124ms
122ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 00:05:40 GMT
age: 28628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 Apr 2024 00:05:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1123 8 KB
966 B 66ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 08:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:18:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 08:02:48 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1123 3 KB
3 KB 42ms
39ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:06:25 GMT
x-content-type-options: nosniff
server: cafe
age: 50183
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 18:06:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1123 344 B
368 B 50ms
39ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 81690
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 09:21:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1123 0
0 56ms
55ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9SJ8UJIbFN3JjqcQh_ZlyJ07K5TTRbMjSz-9JZyXfTUbDOym_CbSX_he8vzF9fc-rirxgcu0g_mZDEWZdmG8bTefmuw
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1123 0
0 102ms
100ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEhz4KFo6ZPflCsGllgTvoqHICJzzifNvhen-iY4Ru82K3-waEAEg0syBGmC7BqABisLK4APIAQHgAgCoAwHIAwqqBMoBT9CTf7-kkeZgMTJ_-PF4Z_draNZsdwXaTR0IgeyC9AA1kDhXA581dmq69-fVBYUeXm_JYRl8KqEd7594QHzshxvhB_UsYge6GPugwH1mRkettbtrpjxofOmYh6zQQ1lbnOdY8khnsZrmrsJPQFn8aZz7aIJihJHMLZp6sMPjGOLLWbA09YIWicPE2-nSctEsvQEqj0DUD_PvDn17dGReT0o5C2vtWLaibKomH6L95fDa1zwUJyeo2RdDjASFmBuFSJmVwvQ6D_lSmcAEhu6P_VDgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH3r21H6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJXVBdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=aWwPX2Jfuyk&uach_m=[UACH]&cid=CAQSOwBygQiDIjwVcrz53iQjPQPwnm79s7LsE5kmda1tV-attu7qJ6eS2R8GNjN7z5IZxgbG5EC9SSRtU5EdGAE
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1123 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f47d04ec54a65e837ad3e4fb05f048f61b8128ddfeffb781fb2814b0397a760

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 5A95 1 KB
1 KB 46ms
45ms Document
text/html 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=52
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1314
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 07:42:55 GMT
etag: W/"583295c9-4dc"
expires: Sat, 22 Apr 2023 07:40:54 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
x-amz-cf-id: zqEogfWSCAvDb39aVcGgllBGmnsLJgm5C48mEa_4I8o3q0fNb28AiA==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ Frame 1CA3 3 KB
2 KB 254ms
253ms XHR
text/javascript 210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.7496993564056922
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7936aa581eefddfa2a0491ca78d502f1dffbf372e83fa2545fa94aa4ec6bb391

Request headers

Accept: */*
Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:48 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 2049

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F19 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 43801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 19:52:47 GMT
expires: Sat, 13 Apr 2024 19:52:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A0C 783 B
534 B 53ms
52ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39dbd8a4ae007adead2aafe50b14d72bdd088109b1b26a7aad6596b51b90350e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vjW29Khy_0LwwdxeMwfN_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-vjW29Khy_0LwwdxeMwfN_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:48 GMT
expires: Sat, 15 Apr 2023 08:02:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame ECC2 0
217 B 292ms
292ms Document
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 08:02:49 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame 7640 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame EA8E 5 KB
3 KB 251ms
251ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:49 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 08:12:49 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame EA8E 0
217 B 292ms
290ms Image
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:49 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame EA8E 0
15 B 1086ms
1085ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:49 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame EA8E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=414619-sPbZ0aAmRlRtGIo4VLd3ruxovQSWqv3i&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=414619-sPbZ0aAmRlRtGIo4VLd3ruxovQSWqv3i&uu_m=undefined&google_gid=CAESEHGs1jGsobpnkBf_QZ6OAp8&google_cver=1

0
474 B

979ms
899ms

Image
image/png

35.227.249.156

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=414619-sPbZ0aAmRlRtGIo4VLd3ruxovQSWqv3i&uu_m=undefined&google_gid=CAESEHGs1jGsobpnkBf_QZ6OAp8&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4
Protocol: H2
Server: 35.227.249.156 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
x-guploader-uploadid: ADPycds5Bj-mmz9_qigTDCNq_qwhIgMquoekOwNABLe2WGR-rp0fONZ3wmzYC_Rcs0c74r3QMorOqrrztoPPNWeQaq9BIw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Sat, 15 Apr 2023 09:02:50 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=414619-sPbZ0aAmRlRtGIo4VLd3ruxovQSWqv3i&uu_m=undefined&google_gid=CAESEHGs1jGsobpnkBf_QZ6OAp8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 7A2D 29 KB
30 KB 142ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://reurl.cc
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 382076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD24 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 43802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 19:52:47 GMT
expires: Sat, 13 Apr 2024 19:52:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 44A2 783 B
535 B 55ms
51ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab62c14080178f8f4e6f96d35f87fd237fa8147bda50c25d1355952be82ad0bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ldQOp7UAn_NDJ-Fo67vxNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ldQOp7UAn_NDJ-Fo67vxNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:49 GMT
expires: Sat, 15 Apr 2023 08:02:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 2ECC 1 KB
752 B 44ms
44ms Script
text/html 2600:9000:2250:a800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:55:22 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 447
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: KZlus5ODiLAdJEHkHvGnKV5O71227f9i8glTMqy0FRf3uPyHM0F7xg==

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 1123 29 KB
29 KB 72ms
72ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://reurl.cc
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 382076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H2 200 adimg.js Show response
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 4FEF 4 KB
2 KB 36ms
34ms XHR
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/adimg.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 96ab2c962212f8af22ffc89817fe5094db6a0d27b8cbaacd34323aa9007ca7fa

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:08:55 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 09:05:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 1464834
etag: W/"6423ff5c-1128"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: qxsR1YWHag0rpEF5-aIpvXRimsLPyAVXMssjpUUIAJSNN0jifl_-Wg==
expires: Thu, 28 Mar 2024 09:08:55 GMT

GET
H2 200 CoverImage.js Show response
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 4FEF 1 KB
1 KB 36ms
35ms XHR
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/CoverImage.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:08:51 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 09:05:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 1464838
etag: W/"6423ff5c-54d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: jHvlvqA2VAUyyZ3alzSGPgQJLytwBCW-y_Kdk7HuQB54qnfww842rg==
expires: Thu, 28 Mar 2024 09:08:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE77 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 43802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 19:52:47 GMT
expires: Sat, 13 Apr 2024 19:52:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 713B 783 B
534 B 65ms
52ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a640cd4568d094004aae98923a4475696997401e07e48a54472a76de5aaf9e72

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pLtKFIUTL0n9DK9cuQN9JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-pLtKFIUTL0n9DK9cuQN9JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 08:02:49 GMT
expires: Sat, 15 Apr 2023 08:02:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adimg.js Show response
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 1CA3 4 KB
2 KB 34ms
34ms XHR
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/adimg.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 96ab2c962212f8af22ffc89817fe5094db6a0d27b8cbaacd34323aa9007ca7fa

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:08:55 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 09:05:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 1464834
etag: W/"6423ff5c-1128"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: qlFZVo4RYUojKB8ypljyfRu0ncr4A11oeKGtZSLgjUee4J5xHUY7sw==
expires: Thu, 28 Mar 2024 09:08:55 GMT

GET
H2 200 CoverImage.js Show response
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 1CA3 1 KB
1 KB 34ms
34ms XHR
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/CoverImage.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:08:51 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 09:05:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 1464838
etag: W/"6423ff5c-54d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 02M_SgniKhW33VEapzWSagyBBlxhR_tGc_ypmuKZutTb4K843ql87A==
expires: Thu, 28 Mar 2024 09:08:51 GMT

GET
H2

200

B29461065.360610284;dc_pre=CNXBj5K2q_4CFeac_QcdEzgJGA;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_c... Show response
ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/ Frame 1CA3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_pre=CNXBj5K2q_4CFeac_QcdEzgJGA;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rd...

18 KB
13 KB

76ms
74ms

Script
text/javascript

142.250.185.230

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_pre=CNXBj5K2q_4CFeac_QcdEzgJGA;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Server

142.250.185.230 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

6e224cfc761a6272186f6976d50ac06b0d5f9c2ccaa1f76ea8f5535459af4c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12871
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_pre=CNXBj5K2q_4CFeac_QcdEzgJGA;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 108ms
35ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 08:02:49 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 233248
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 356B
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=snKNw3xqSkhzeC83b0dDVjM4bXkxaDF2Tk5TUmpGVHZrc2o5QTBUU0ZVdys3cUpUU24rWGJhblVlbDhVdklKdDJaelIxOFJlak5kR1dYUDNDODRqMVpoYmhBN296bDRlMEIzMWVBQkJJbVc1akdtUmR2b2lHNEZrTlUzbE...

492 B
579 B

45ms
41ms

XHR
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=snKNw3xqSkhzeC83b0dDVjM4bXkxaDF2Tk5TUmpGVHZrc2o5QTBUU0ZVdys3cUpUU24rWGJhblVlbDhVdklKdDJaelIxOFJlak5kR1dYUDNDODRqMVpoYmhBN296bDRlMEIzMWVBQkJJbVc1akdtUmR2b2lHNEZrTlUzbE1mMGtyZ0poL29yOTZpV1lTU1dGWk1xTzZlY0RKRkVYRWpQOFhvR25NR0tSdzdZU1p4TTB2NEEzRjdYWEdQUnkyVTBuOXQ3VkNUYzV1QzB2TDhOeUZGN3V2Ynd4S2oxYnY4NXFOR05uV2I1d1NJc2tZODRvK3B0N1RrQ2EvK3RPYVIrOWdLNlB4UjBuVHhZbng4R3UyU3B1cDdHVFNUTTR6alJ6RzM1UnJYdm5KNXN0OC9hND18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

33decdcadc9cfb0817b65366f21d5139133440a8fa9e512cfd3a7219105c2879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1166003
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=snKNw3xqSkhzeC83b0dDVjM4bXkxaDF2Tk5TUmpGVHZrc2o5QTBUU0ZVdys3cUpUU24rWGJhblVlbDhVdklKdDJaelIxOFJlak5kR1dYUDNDODRqMVpoYmhBN296bDRlMEIzMWVBQkJJbVc1akdtUmR2b2lHNEZrTlUzbE1mMGtyZ0poL29yOTZpV1lTU1dGWk1xTzZlY0RKRkVYRWpQOFhvR25NR0tSdzdZU1p4TTB2NEEzRjdYWEdQUnkyVTBuOXQ3VkNUYzV1QzB2TDhOeUZGN3V2Ynd4S2oxYnY4NXFOR05uV2I1d1NJc2tZODRvK3B0N1RrQ2EvK3RPYVIrOWdLNlB4UjBuVHhZbng4R3UyU3B1cDdHVFNUTTR6alJ6RzM1UnJYdm5KNXN0OC9hND18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 330790
content-length: 0
expires: 0

GET
H3 200 cm
c.holmesmind.com/ Frame 356B 0
15 B 1204ms
1203ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 356B 35 B
266 B 303ms
103ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 08:02:49 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ff26f32d-3e4e-464f-8bfc-f5f2adbff0a2.jpg
img.scupio.com/dsp/ad-image/798/f/ Frame 4FEF 85 KB
85 KB 35ms
35ms Image
image/jpeg 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/798/f/ff26f32d-3e4e-464f-8bfc-f5f2adbff0a2.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: df9ccf06ec3dca085e5d3a6661a0cf8cb4ccf2cc886f2415ef4ebf60be9a628d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:08:02 GMT
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 12 Apr 2023 01:51:07 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 3287
etag: "64360e8b-15329"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
content-length: 86825
x-amz-cf-id: CgCOGCHBZRZjyi_Q3hOgA9AmOxpSyXpjTVUJrgGBE8uf5q4_9QvEQg==
expires: Sat, 15 Apr 2023 13:08:02 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 37ms
37ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 08:02:49 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 326201
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 62D6
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=hYw7enxpejdSckhkeFZtaFYxOWs0cGQ3a3h5UlpwamFtc1NoS2FaR1JhMllQWTZQUmY1L0phV1Q4bU1HQXEvWTNWQmpwelFVbUVzNUJuSisxS3M3TWhoLzR4U29JRklaamt0UDhaREZiR29vNnh3ckFUMURqREFYTlJhQV...

498 B
581 B

46ms
42ms

XHR
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hYw7enxpejdSckhkeFZtaFYxOWs0cGQ3a3h5UlpwamFtc1NoS2FaR1JhMllQWTZQUmY1L0phV1Q4bU1HQXEvWTNWQmpwelFVbUVzNUJuSisxS3M3TWhoLzR4U29JRklaamt0UDhaREZiR29vNnh3ckFUMURqREFYTlJhQVE2QURKcC84SVJoeXFOVWNrZ3dCdURIZWcra1Vab2FxWk1uSE8vQWRlZHlTZ2pHckZSeTNFRFNLRjlZeVpFQmJUOS9UL01wUjIwbW9FOHF1QTY2V1ZOUjMxdXdLbHVydDVveXhkQ3paTDYzdlUrMHJwbWZoY2s4WlltUjcySlp1ODJaQysrVU9sK2FrQlA0VXVXMEh4cUFGdkxMRWtUMVZXbVlXMmhONmVqNGE5RnN3Nm5aMD18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2d0bb0affae7dc6c77d3deb6c2967f599ae98a7715ec56049e68fee2782d9c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1099500
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=hYw7enxpejdSckhkeFZtaFYxOWs0cGQ3a3h5UlpwamFtc1NoS2FaR1JhMllQWTZQUmY1L0phV1Q4bU1HQXEvWTNWQmpwelFVbUVzNUJuSisxS3M3TWhoLzR4U29JRklaamt0UDhaREZiR29vNnh3ckFUMURqREFYTlJhQVE2QURKcC84SVJoeXFOVWNrZ3dCdURIZWcra1Vab2FxWk1uSE8vQWRlZHlTZ2pHckZSeTNFRFNLRjlZeVpFQmJUOS9UL01wUjIwbW9FOHF1QTY2V1ZOUjMxdXdLbHVydDVveXhkQ3paTDYzdlUrMHJwbWZoY2s4WlltUjcySlp1ODJaQysrVU9sK2FrQlA0VXVXMEh4cUFGdkxMRWtUMVZXbVlXMmhONmVqNGE5RnN3Nm5aMD18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 296607
content-length: 0
expires: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 62D6 35 B
266 B 312ms
106ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 08:02:50 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cm
c.holmesmind.com/ Frame 62D6 0
15 B 1197ms
1195ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F8CC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

146ms
51ms

Image
text/html

2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Server: 2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

date: Sat, 15 Apr 2023 08:02:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7A2D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

141ms
63ms

Image
text/html

2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Server: 2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

date: Sat, 15 Apr 2023 08:02:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 12266324734467488730
tpc.googlesyndication.com/simgad/ Frame F8CC 35 KB
35 KB 40ms
40ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12266324734467488730?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmzM1Pibqwrer3jHHlJWmubSykRbg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f32dd6772efa0d77a8dbc73cadd09b1bb16d02911160f7291a97bfc5846eb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:23:47 GMT
x-content-type-options: nosniff
age: 340742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36249
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 09:08:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 09:23:47 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F8CC 3 KB
3 KB 60ms
59ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:06:25 GMT
x-content-type-options: nosniff
server: cafe
age: 50184
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 18:06:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F8CC 344 B
368 B 62ms
61ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 81691
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 09:21:18 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7A2D 3 KB
3 KB 62ms
61ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:06:25 GMT
x-content-type-options: nosniff
server: cafe
age: 50184
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 18:06:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7A2D 344 B
368 B 67ms
66ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 81691
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 09:21:18 GMT

GET
H2 200 970x250_150k.html Show response
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/ Frame 1272 3 KB
2 KB 68ms
68ms Document
text/html 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 80860039f446459e6f34654d02cbf2e08a038f5ebea6ee6bda37a2730ea2c415

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 446
cache-control: max-age=1500
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 08:02:49 GMT
etag: W/"63f62852-d29"
expires: Sat, 15 Apr 2023 08:20:23 GMT
last-modified: Wed, 22 Feb 2023 14:36:02 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
x-amz-cf-id: g5PJg5zyneC0_pfWnC0p0C4JTQoDXmqi8mXVBC85_8Ga5jqh_uCy4w==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1123
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

77ms
55ms

Image
text/html

2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H2
Server: 2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

date: Sat, 15 Apr 2023 08:02:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 156ms
42ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 08:02:49 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 224336
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1123 3 KB
3 KB 63ms
46ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:06:25 GMT
x-content-type-options: nosniff
server: cafe
age: 50185
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 18:06:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1123 344 B
368 B 63ms
46ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 81692
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 09:21:18 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 49ms
43ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 08:02:50 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 295250
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 2ECC 2 KB
1 KB 321ms
320ms Script
text/html 54.238.32.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=44&o=1&fc=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&d=1&b=2&ts=1&ii=2&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.32.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-32-19.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c04549a92042926a1c93804eb74781c07fce258a628b04d306a27e02e0505521

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:50 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 2ECC 3 KB
3 KB 42ms
40ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DlDm2.RaHqnwd1PNmY0dNCVp5YdFVv6_
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 50
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 0d7IKBNo74gMMNE4AppvDFf1XVyKWUH1OoWde4ZpNWWu0cm36tEYDA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 2ECC 121 KB
40 KB 43ms
41ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:02:50 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 2ECC 2 KB
3 KB 49ms
43ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: PY2bcG6xDpnYGIi3HqgNZW1F0xtNtFx9
date: Sat, 15 Apr 2023 08:02:02 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:02:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 48
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: seofQiqPkhHvRJ-MNcAYMBfMDq9yFS-wr-zkGvKVny2mtlKqt_exWg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 2ECC 4 KB
5 KB 51ms
49ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: boIKRsKmKdtT.J77QHrBLe19jkz7V0u.
date: Sat, 15 Apr 2023 08:02:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 28
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: Jl3OmbTHS_FCLuAlcqwt0HTzpqCx5j3hzZugnv5UhvQFIq9SQ8EzsA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 2ECC 3 KB
3 KB 52ms
50ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: bBaDhinVDm2bQtBAHs6w8Ot0TdmtaBTy
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 50
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: OW1Wx-qdbiSY-anzHeons-9cYaqkmzI13EOcuF82uYgyWEwHsXcJEw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 2ECC 6 KB
7 KB 53ms
51ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: lsUCSJJiHzZ.l3kqzr7xEkgy8qV8KR3d
date: Sat, 15 Apr 2023 08:02:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 28
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: LlkaG6p0RpFrlb17ZhmO5Pcx_PP-Zjhn-FMUX654kbdttlEgKA40fw==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A0C 0
0 189ms
91ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304110101&jk=3366920964606225&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame EA8E 36 B
407 B 255ms
254ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

d459b34eec6a83a1e53ff68dd5851a69c815d2cf65ddffd485146554ff7d0b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H/1.1 200
OK event
u.scupio.com/ Frame 4FEF 0
139 B 1321ms
268ms Ping
text/plain 210.59.219.38

General

Check archive.org

Show headers Download Go to

Full URL: https://u.scupio.com/event?cb=0.36532448987975896&tag=TIME_AdRender&log=%7B%22mid%22%3A0%2C%22mall%22%3A0%2C%22campaign%22%3A0%2C%22layout%22%3A0%2C%22rtbid%22%3A%22%22%2C%22st%22%3A%22%22%2C%22adTypeCode%22%3A%22I-1%22%2C%22adTypeId%22%3A%22adimg%22%2C%22width%22%3A0%2C%22height%22%3A0%2C%22ts%22%3A%222023-04-15T08%3A02%3A50.224Z%22%2C%22IT%22%3A694%2C%22TTT%22%3A696%2C%22ET%22%3Anull%2C%22RT%22%3Anull%7D
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 210.59.219.38 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:51 GMT
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1272 236 KB
63 KB 201ms
47ms Script
text/javascript 2a00:1450:4001:812::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 08:02:50 GMT

GET
H2 200 970x250_150k.js Show response
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/ Frame 1272 94 KB
30 KB 47ms
26ms Script
application/javascript 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3cf0a027279a8c477ae06724a704afdae7bf0c3ea4ecca10bee308be1b149789

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
content-encoding: gzip
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:33:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 446
etag: W/"63f627a0-178f2"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=1500
x-amz-cf-id: LwjfY_C1Cx4zuFreVhlyjT1SCOf4ocGu37ST1ikei3svmMQbnO1NUw==
expires: Sat, 15 Apr 2023 08:20:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 44A2 0
0 85ms
84ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304120101&jk=3929259166306693&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 713B 0
0 76ms
74ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304110101&jk=2833215237799560&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F19 36 KB
14 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 20:27:28 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 2ECC 5 KB
3 KB 253ms
252ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 08:12:50 GMT

GET
H3 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame BD24 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 20:27:28 GMT

GET
H3 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame AE77 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 20:27:28 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/chaseapacdcmdisplay693238567679/ Frame 1CA3 0
282 B 376ms
40ms Script
application/x-javascript 23.35.237.151

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/chaseapacdcmdisplay693238567679/moatad.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
last-modified: Fri, 03 Mar 2023 12:49:47 GMT
server: AmazonS3
x-amz-request-id: NPNG68QRPPY1JEBQ
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
content-type: application/x-javascript
cache-control: max-age=21136
accept-ranges: bytes
content-length: 0
x-amz-id-2: edBLhr7zyDQ/k1r5FvMReT13qqFVpGFK+652WSioCBe5b1yIpGH2pjqTGirU3yt0i8zulR9m2rA=

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1CA3 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681545768897835;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 08:02:40 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 2ECC 10 KB
11 KB 46ms
44ms Script
application/javascript 2600:9000:223c:4800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FMRLnD&n=44&o=1&fc=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&d=1&b=2&ts=1&ii=2&FPCK=1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD&fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 08:02:00 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 58
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 6qm-pTij4u_PtV1RC4XukeSMgckDtY-KA_N4p1UDmiXfWmYB84MeYg==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2ECC 0
170 B 188ms
188ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 08:02:50 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2ECC 20 B
307 B 50ms
50ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=77665806972

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 2ECC 2 KB
2 KB 258ms
257ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.585925396917715
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 93fbb41c6dc079f67031effe0ba2b73a281aa59d0e46dd8858b3589a11533ea8

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 08:02:50 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1502

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2ECC
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA

2 B
20 B

287ms
287ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:51 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 08:02:51 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2ECC
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA

2 B
20 B

281ms
281ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:51 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 08:02:51 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t8X48btABOGkMRphJ1o6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 bg_1.jpg
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/ Frame 1272 40 KB
40 KB 45ms
44ms Image
image/jpeg 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/bg_1.jpg?1677047584623
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a0f0c84d066058cf2d62319dcc1f80f6f71bc7faab03ffc4b9cb8f36fc024b46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:34:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 446
etag: "63f627dc-9efb"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
content-length: 40699
x-amz-cf-id: iC0mmyJYfN85BClvcptCgcGKnGty8FIKpnwPuUEV8EXxoOeK3pjQWA==
expires: Sat, 15 Apr 2023 13:55:24 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame EA8E 0
194 B 262ms
262ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=414619-sPbZ0aAmRlRtGIo4VLd3ruxovQSWqv3i&mp=5f55589a-f605-48a4-ba3f-e32c0a1ae6a0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net/ Frame EA8E 0
79 B 261ms
261ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net/pixel?bd=5f55589a-f605-48a4-ba3f-e32c0a1ae6a0&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 bg_2jpg.jpg
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/ Frame 1272 34 KB
35 KB 50ms
50ms Image
image/jpeg 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/bg_2jpg.jpg?1677047584623
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cad8b167abd483998bc5688d0ad86b441889ecd5e6a26af4ef13dd754183524d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:55:24 GMT
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:34:06 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 445
etag: "63f627de-899f"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
content-length: 35231
x-amz-cf-id: khe8dvS7xC898lCFT8f6QpVp7sl2saIXnPP1Ns8IJ-54CUIBwkJkSw==
expires: Sat, 15 Apr 2023 13:55:24 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 2ECC 0
209 B 36ms
35ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 08:02:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 girl.png
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/ Frame 1272 5 KB
5 KB 58ms
58ms Image
image/png 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/girl.png?1677047584623
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 2551865dd99b97818b4d039219dc5c2c356c9de2f9d37ab39f8a7e95abd4989a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:55:25 GMT
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:34:06 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 446
etag: "63f627de-13c8"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=21600
accept-ranges: bytes
content-length: 5064
x-amz-cf-id: ps6a42FowlH0Wk2LeJMNijLkZQaiwRtCSCs5A5mN7s5EyAn71iDD_A==
expires: Sat, 15 Apr 2023 13:55:25 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9687 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 86411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:02:40 GMT
expires: Sat, 13 Apr 2024 08:02:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 kv.jpg
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/ Frame 1272 37 KB
37 KB 44ms
43ms Image
image/jpeg 18.65.39.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/kv.jpg?1677047584623
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-127.ams1.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 922bbc618accfdaf35e193bb5b3b0b2ff4aa9b2820eb39d8b86e2fae3782516b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:55:25 GMT
via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:34:06 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-P1
age: 446
etag: "63f627de-9242"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
content-length: 37442
x-amz-cf-id: aJEVASmfMdYPfg2TLlVxOBrCwJkCOxF6SfNeR727BmZKQ5lcKi1VZQ==
expires: Sat, 15 Apr 2023 13:55:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8F19 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aQgzbQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/MRLnD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9687 36 KB
14 KB 50ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F242 77 KB
25 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4352b04fa8227b168e7f0f94b2b4efd1fa3f656c9d3fa97c64fc2c91ee55737f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25623
x-xss-protection: 0
server: cafe
etag: 184 / 19462 / 31073818 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 08:02:51 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F8CC 42 B
64 B 92ms
92ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRaEBbgWjLxlb6HXEtNbkhqJcRLt4aaa_GbSHLZdyq75PfJGJdRW1pcu1YfyO9CwMNA3Zs_Rh2g8j9GGjLySkWYF5VfnzJJhyQxBVXh1QjKAXRZbxcz_3ZOZx4GZC40ChiJd179g&sai=AMfl-YTnospUZZWwKmN7mq-ZCmkOIeXeFCX4IAaC60A1DwNA6WAgjEhK_XhtDU2s4NHpdolUIMAsg2HSOBCy6Mz2TVGMZ_NfdjWWFTKUPQ7OFBXErIk_0I4rYj0rHdQ&sig=Cg0ArKJSzAApxcIVgHW0EAE&cid=CAQSOwBygQiDGxkVAsYshrECsVgjhUGiepL1aLT9dme2o_-OR-gEHUmjaN6Iih-7IoJcRb8VLV55M1pKgXRmGAE&id=ampim&o=650,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1304&mtos=0,0,1304,1304,1304&tos=0,0,1304,0,0&tfs=2120&tls=3424&g=100&h=100&tt=3425&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7A2D 42 B
64 B 89ms
88ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcTqYLwgoqiPcFTKCAvLq49likyZVC4pPUDUmz4xOJzsMUWB0l86yWVYpKY9szkpusc_qzppCUNdvdPu_iRHuAlQpbDlN-CVtdd9sAr9WWjrqhuncvcySUT4xkjoe65SQTgadg2g&sai=AMfl-YSKZwOpNpu9eibTZmVtbAgO7WsQiVSOHPfKN7ON5KN_RrObjNv74jAsI6wzSrels1Qy5sU-0J4bGUNvllng46lonRjHqCBByfkhbUAHYzDI0pXLNSNlInxwKMU&sig=Cg0ArKJSzOjCbwP_0y0yEAE&cid=CAQSOwBygQiDWZLvuVsYjdDy-k5lxbhHu0gCNXSIeCVbF7HJicljFhqExHPhrloO7YpMj64oFRWlGfu9t9MpGAE&id=ampim&o=315,610&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1291&mtos=0,0,1291,1291,1291&tos=0,0,1291,0,0&tfs=1924&tls=3215&g=100&h=100&tt=3215&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1123 42 B
64 B 87ms
86ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaV7dUG1Ej2Pmtoru1OHseKK5N-Ual0Hlx6IPRar4b1h2tj0YJMquj9k10anywQfoGT86esxrbGNW5kjrJXi_AhIFvrbOwwxeJEGH3UmXlYBNfpxRQiEqZjTbEqs1QP4bJJ7V7QkRjCx6DOKeivGLke327pFwF-UXI&sai=AMfl-YQajC8UYM5MO6JqCHD2wbxHQAmsp5txaGpavI9SEKNo0qA9pRDLdcd_fV7GgRn_GbDRLalsbDXYy5lgAcX9TmNpOJAn5VQnu9pOCT5PNNxQrKydTFdXamxQ-Hs&sig=Cg0ArKJSzLsz8Ge9AzXWEAE&cid=CAQSOwBygQiDIjwVcrz53iQjPQPwnm79s7LsE5kmda1tV-attu7qJ6eS2R8GNjN7z5IZxgbG5EC9SSRtU5EdGAE&id=ampim&o=640,364&d=320,100&ss=1600,1200&bs=1600,1200&mcvt=1246&mtos=0,0,1246,1246,1246&tos=0,0,1246,0,0&tfs=1770&tls=3016&g=100&h=100&tt=3016&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/MRLnD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 08:02:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET generate_204
tpc.googlesyndication.com/ Frame AE77 0
0

GET pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ Frame F242 0
0

GET ppub_config
securepubads.g.doubleclick.net/pagead/ Frame F242 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/WjYd8lGD6w4.css?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/TX1Q2Opl48R.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__hs=19462.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7222184060587890387&__req=4&__rev=1007321679&__s=%3A%3Acjhesf&__sp=1&__user=0&dpr=1&jazoest=21906&lsd=Cs9mNAzMZA-UcZIam_vpW3

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__hs=19462.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7222184060587890387&__req=5&__rev=1007321679&__s=%3A%3Acjhesf&__sp=1&__user=0&dpr=1&jazoest=21906&lsd=Cs9mNAzMZA-UcZIam_vpW3

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?rxSXDQ

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 11:07:12	Name: _gid Value: GA1.2.1965143845.1681545764
.reurl.cc/	1970-01-20 11:05:45	Name: _gat Value: 1
.reurl.cc/	1970-01-20 20:41:45	Name: _ga_N394QBRGC0 Value: GS1.1.1681545764.1.0.1681545764.0.0.0
.reurl.cc/	1970-01-20 20:41:45	Name: _ga Value: GA1.1.1881927675.1681545764
.prnasia.com/	1970-01-20 11:05:47	Name: __cf_bm Value: VFxILIIsHF5S0WToyjXO0G4g751Ypfzff58PnxdWnn4-1681545764-0-ARc6OU5+DvM+YMpN81429GbPqbof+fWBs4/pHvH6DY4vRfcWBFO6JwvNBPGQwS+pwUe0vumPwYpaq9fk5/u3Jz8=
.reurl.cc/	1970-01-20 13:15:21	Name: _fbp Value: fb.1.1681545764745.268912748
.holmesmind.com/	1970-01-20 20:41:45	Name: P Value: 414619-sPbZ0aAmRlRtGIo4VLd3ruxovQSWqv3i
.holmesmind.com/	1970-01-20 11:26:52	Name: Vision Value: 20230415-23:59,20230415-19,20230415-19,20230415-23:59
.holmesmind.com/	1970-01-20 11:26:52	Name: C Value: null
.holmesmind.com/	1970-01-20 13:30:43	Name: RK Value: null
.reurl.cc/	1970-01-20 11:07:12	Name: _ht_a546ca Value: 1
reurl.cc/	1970-01-20 11:48:57	Name: CFFPCKUUID Value: 1867-D7y3g4pjnrnNSoLsC1bbxaDvM76GHqtL
.reurl.cc/	1970-01-20 11:48:57	Name: CFFPCKUUIDMAIN Value: 1417-FjXqNDIcYJIXyIYF4CfMgSpFghGTfsKD
.reurl.cc/	1970-01-20 11:48:57	Name: FPUUID Value: 1417-ef503fe0ac67631d7f94bab9129c3e92dd8d5ac15d6c4d4ecacda03434c508b4
.hinet.net/	1970-01-20 20:41:45	Name: uuid Value: 5f55589a-f605-48a4-ba3f-e32c0a1ae6a0
.reurl.cc/	1970-01-20 19:51:21	Name: __htid Value: 5f55589a-f605-48a4-ba3f-e32c0a1ae6a0
.reurl.cc/	1970-01-20 11:05:49	Name: _ht_em Value: 1
.reurl.cc/	1970-01-20 11:07:12	Name: _ht_hi Value: 1
.reurl.cc/	1970-01-20 11:07:12	Name: _ht_50ef57 Value: 1
.criteo.com/	1970-01-20 20:27:21	Name: uid Value: 3ba35473-b27b-4655-8132-ec0ff099f2e8
.scupio.com/	1970-01-20 11:15:50	Name: fxc Value: 1
.c.appier.net/	1970-01-20 19:51:21	Name: _auid Value: t8X48btABOGkMRphJ1o6ZA
.scupio.com/	1970-01-20 19:52:48	Name: OrgKeyValue Value: CVA2023041516024783646
.scupio.com/	1970-01-20 19:52:48	Name: gx Value: H4sIAKfKOmQA%2fxNmYGDg4ubY8Hv%2ftV1P7lkLsAqxcNgLMAEA4ijAEBcAAAA%3d
.aralego.com/	1970-01-20 19:51:21	Name: gdpr Value: 1
.aralego.com/	1970-01-20 19:51:21	Name: sspid Value: 639366b4-095f-34e5-96d6-207c58f73b9a
.doubleclick.net/	1970-01-20 20:27:21	Name: IDE Value: AHWqTUkBURWzQ6kf-oir4FYhzcmoGfe9NmvKE1-_285JCzI0mnOyvg2Vve3xz3NXPR4
.scupio.com/	1970-01-20 11:15:50	Name: gxc Value: 1
.reurl.cc/	1970-01-20 20:27:21	Name: __gads Value: ID=02d667c947d726e1:T=1681545768:S=ALNI_MaR-Erjz_GXCzscAanKMgmrDlrOSA
.reurl.cc/	1970-01-20 20:27:21	Name: __gpi Value: UID=00000c02b2e59041:T=1681545768:RT=1681545768:S=ALNI_Maxy6IDd_pOKXkgWK4EROMu04caRw
.holmesmind.com/	1970-01-20 11:26:52	Name: R Value: null
.holmesmind.com/	1970-01-20 13:30:43	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 20:41:45	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f55589a-f605-48a4-ba3f-e32c0a1ae6a0.t.ssp.hinet.net
7457cbdadf303cf3663357f1daae2933.safeframe.googlesyndication.com
a7a1674dc4c1e15bcd4582a4bca6c9b8.safeframe.googlesyndication.com
ad.doubleclick.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
connect.facebook.net
creditcards.com.tw
eus.rubiconproject.com
fcm.holmesmind.com
ff4f0d2892eebc3b05e0b2b8903afd19.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
mma.prnasia.com
mug.criteo.com
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
re-news.tw
rec.scupio.com
referer-log.holmesmind.com
region1.google-analytics.com
reurl.cc
s0.2mdn.net
scontent.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
u.scupio.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.rayskyinvest.com
z.moatads.com
fcm.holmesmind.com
securepubads.g.doubleclick.net
static.xx.fbcdn.net
tpc.googlesyndication.com
www.facebook.com
103.132.192.30
104.109.78.125
142.250.185.194
142.250.185.230
162.210.196.208
172.105.221.240
178.250.7.13
18.65.39.127
192.0.77.2
192.0.78.244
192.96.203.13
2.19.35.65
2001:4860:4802:34::36
203.75.214.136
210.59.219.175
210.59.219.180
210.59.219.181
210.59.219.38
23.35.237.151
2600:9000:223c:4800:0:e06c:e940:93a1
2600:9000:2250:a800:3:1794:2540:93a1
2606:4700::6810:5514
2606:4700::6810:fc04
2a00:1450:4001:801::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c0d::9b
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
34.102.176.152
34.95.67.231
35.185.130.121
35.185.136.122
35.186.215.140
35.190.36.98
35.201.76.93
35.227.194.51
35.227.249.156
35.244.196.223
52.194.43.130
52.69.218.118
54.238.32.19
69.173.144.165
021734744894954c8b67206462926a1c51671066849ffd0c3a52e02bd3d3dac9
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
06322fc8a6f8e63c959a7361f664450b4db0dbb9151f27a9e47f71c41e4871f6
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0a3920a01c0dcd03e7617df96bcbd48fb4c6f9ef73ae02927bc9578b15918afd
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1519f65f0646c7ec878163cb3a7034c6db155f9243ae1208e3b3ad3bbd5ad503
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
17c2bf10bca31e2a83cedd1d0b0766ced230ffa5f82bacc5338fe1c84efc4747
18bb0e90797ec6f226137169e5775aceac0cb1ede819c3526b431cc2034db84f
193a876092e67555e41956395a88a74415e8e9b88ce2a7a514abf1161c662a89
1a2dcbaa8da5e1459685453a48b20ad6d18fcc772cc45dffcc2c2c719fee8091
1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25
1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62
1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
20b236770c01f9b8cd4ec9c927acb7f55e4fa559fd9b41a1b5c2bd9d39d7a277
213c62fcde5831324abaaa32c9ca36ae0289409789a825f88028aea848c2ad32
2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
2551865dd99b97818b4d039219dc5c2c356c9de2f9d37ab39f8a7e95abd4989a
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29762c5984fb769db5ff800c2ce7d754beb23cf7af0381f49fff41ca890e5c88
2b1e06fb6e4b94d0ad33efe050dee671013dd1e6a3f7ef2a0bba591e7e2fad81
2d0bb0affae7dc6c77d3deb6c2967f599ae98a7715ec56049e68fee2782d9c02
2e8f19520d5efc75af7c9dc665bf0e77dc450a66dd2ee9ec6aabfaf2f242f103
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
30a288f4b8350f8121ceab4313aa78320d3a313c7425136323191ced5b6a0b65
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
33decdcadc9cfb0817b65366f21d5139133440a8fa9e512cfd3a7219105c2879
35038446d0cae0d4cf68472310f8c4e3775f84d4a6c51036fb52c1276c8a5ef9
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
39dbd8a4ae007adead2aafe50b14d72bdd088109b1b26a7aad6596b51b90350e
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3cf0a027279a8c477ae06724a704afdae7bf0c3ea4ecca10bee308be1b149789
3f32dd6772efa0d77a8dbc73cadd09b1bb16d02911160f7291a97bfc5846eb9d
3f47d04ec54a65e837ad3e4fb05f048f61b8128ddfeffb781fb2814b0397a760
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4352b04fa8227b168e7f0f94b2b4efd1fa3f656c9d3fa97c64fc2c91ee55737f
442127ff92b9afa98ca1f3264d2ca4ddc545e2635decf858e4c48858dc68415c
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b383e49691c63fe7f83c57534dd9bf79d8630e67cc5bc91e4d81ba7dcd5e682
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fbc87a75771407325342610ece2c80083d0b735dc7da625839fde08bcf66285
4fe2f1e10ad7169b07a1fa35579e12df94c80710f138fe2ceea62d047d4da43b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53a215a3e560218319103ff086f2957a7f3f5a3ebfebd929f954d5ab73104742
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541aa8107ab5589ef7f8da4481836ffeef358d9dba7a3fad482d0bda1c7f9960
547cd958005e974f43a58fefabb897bb8d6248172655b946b4a8450b040ad34f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5df3a45af91ee67a151112369a6db71f4bf8e325df9abd37e41ea313051fff64
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62997ef9963dd71a8147b9a5a1c24e66464a245bff2390b479b144a6fcc3b94a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6729563a7dcd413a09f819cbd4ed5f581a3d3ebd65c52ea411d85d77067f4526
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4
693a43ba2993bd6945ee91c96cdc986d8db5db50dc67aa5c6c631164cb635333
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74
6e224cfc761a6272186f6976d50ac06b0d5f9c2ccaa1f76ea8f5535459af4c9d
73e18bfe1a45f8cb774ec7f8526277d36a113618d90ed3b6d44c713962ff26b3
742d1513a69799f4b009e30a6b4b1623158976f4c8cf448d42e0c05202e70801
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
78f206bea7c7aa00a992e632c5028ad9fee2d98df6eedaa91c6c76916c92b930
7936aa581eefddfa2a0491ca78d502f1dffbf372e83fa2545fa94aa4ec6bb391
7fcc716cd9110cf477d307f10de6d00ee25564b57e20358dfbf840d66777dae7
80860039f446459e6f34654d02cbf2e08a038f5ebea6ee6bda37a2730ea2c415
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
882a26a77810c5cb733f85af6e85bbf7f72c5bc69034c42efe2c9708e81e5256
89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8c2fd950860d45adb238c744ab88a5dc75e5839570892bae7d5018a90d362112
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d267f4b082132571adfae2f05ed423c700216a6124429eaa942d7f429c0adfc
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
8e418e28557b7b12cbd37393c9cfd6ad8c403aa867b3e94bb1c3aadec8f99577
8fbc4d6db87655c070a74a1a787c657077a12214a8d85da2129cdc1a7bd5d7fa
9201470993e53e5bcc8edf97926c67140b5ef4eeddf95c705af31004724e26f1
922bbc618accfdaf35e193bb5b3b0b2ff4aa9b2820eb39d8b86e2fae3782516b
93fbb41c6dc079f67031effe0ba2b73a281aa59d0e46dd8858b3589a11533ea8
96ab2c962212f8af22ffc89817fe5094db6a0d27b8cbaacd34323aa9007ca7fa
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
9c5a759af3c08b42ee54d6bfb13feb6767cc9f50a5965379730ebee12aef8dae
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
a0f0c84d066058cf2d62319dcc1f80f6f71bc7faab03ffc4b9cb8f36fc024b46
a2151d74d56dcf4de7ed409453be46b71759b4322a906b96074e0c3e0c4601a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a593bbfcf303c189efef1732001627d2d35c7a59a94e2ee2664eadde2009f085
a640cd4568d094004aae98923a4475696997401e07e48a54472a76de5aaf9e72
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa8f232578208fd0ea85cc9f68afab659939aeb06f53f44093fc1ee4d7a71320
ab62c14080178f8f4e6f96d35f87fd237fa8147bda50c25d1355952be82ad0bb
ad7d15812eaa6a06c1ba50fd4e12534afa72ef234e6263ddf5d633fe1ea7a9d0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b160538fdb7b762b907085bbad34368c2f30d0104cedda16681a32e86f18585b
b4167cd99f0223bdfa47718aab408f00f4dd139badac76370615e57eca8c14d1
b4e8897f617acf8c561309a5d51674bc1cbef024b66acf21ceb35ddf76a0c16b
b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4
ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be4783efeb04d9e88319ad016bb8e7044723c832fa5e87dd1c02029ec045d644
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c04549a92042926a1c93804eb74781c07fce258a628b04d306a27e02e0505521
c20bb27c602be9c2009b660be854017df8fa65505ad0116251c71f9be66bb5c8
cad8b167abd483998bc5688d0ad86b441889ecd5e6a26af4ef13dd754183524d
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944
d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df
d356266cbf28b090f7fa6ee9c515390bec1aa129686a1efe76d076690d4af611
d459b34eec6a83a1e53ff68dd5851a69c815d2cf65ddffd485146554ff7d0b47
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d8bd25441bf08a5a7859480e5e329e2fa8516ea74f69c8f0aa89f815406aedfb
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
d9d7fb5968a3bacb10628d22777bab96403b87022154cd9d7131d4cde84663cf
db32dfe1ba53feecef2bfb397dbdb5788d211a37aeabc18a8f9dbad5aafed92b
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
de7d92d7d63b41537a3ba46cd668dc7bf1422f88cb9d60831292dd6284cff872
df9ccf06ec3dca085e5d3a6661a0cf8cb4ccf2cc886f2415ef4ebf60be9a628d
dfab0f349de699da3786f2e4653874de689f80d5aaf0d57b61df5933d2fd09ff
e023dff186832c6a9062473e5bbadbab1a9ba3b12654fc51235a13a407ae60b5
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40fab19fb3fe7b54e20e095695aea442893df40ac66bfaa82e0453dbe66ea5d
e95cae8d40d54a66307d061c442dd08b982292891e91a92be1cb21eec8a2d22d
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
eb75f30c06612f15ecdad0f69c9f417ae7ecec04c0d2fa832066ddf650445d5c
ed74e72b416728f59f50d31d28e49a600686f2305a5e01b9345f7ca614101b63
ede20041bf104095302e63753987b35d2b4bd8c1761ca246df8d7350385de315
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0637711cd180a6cb50f2882d67a419ac556e21ad9ec02ade9f5e2df2bc063b2
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f971cb967dcad04a8841f828a2de1be5c99abec685ce5dadb449b5e36c217dee
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851
fe3cea0537c53a762dd2b1a36e07dffb91833f40195352568f23384761c22c89
fe3ee879c22ede0f328f9ca9d324c877c184d0319ba005979c8c2063d4db14e6

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

349 Requests

91 %HTTPS

46 %IPv6

34 Domains

66 Subdomains

57 IPs

7 Countries

4829 kBTransfer

10943 kBSize

33 Cookies

21 Outgoing links

Page URL History

Redirected requests

349 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

349
Requests

91 %
HTTPS

46 %
IPv6

34
Domains

66
Subdomains

57
IPs

7
Countries

4829 kB
Transfer

10943 kB
Size

33
Cookies

349 HTTP transactions
6 data transactions