urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reurl.cc/main/tw
Effective URL: https://reurl.cc/main/tw
Submission: On May 09 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 9 countries across 28 domains to perform 81 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 243425.
TLS certificate: Issued by R3 on March 25th 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 35.185.130.121 396982 (GOOGLE-CL...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 34.149.98.30 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 84.17.46.53 60068 (CDN77 ^_^)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2600:9000:223... 16509 (AMAZON-02)
3 2a03:2880:f00... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.75.245.170 16625 (AKAMAI-AS)
2 4 35.201.76.93 15169 (GOOGLE)
1 35.244.196.223 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 203.75.214.136 3462 (HINET Dat...)
1 185.33.221.13 29990 (ASN-APPNEX)
1 35.227.202.26 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.244 2635 (AUTOMATTIC)
1 34.102.176.152 15169 (GOOGLE)
1 192.0.78.187 2635 (AUTOMATTIC)
1 13.112.163.33 16509 (AMAZON-02)
3 2a02:2638::3 44788 (ASN-CRITE...)
4 8 34.96.119.68 15169 (GOOGLE)
4 4 139.162.40.113 63949 (LINODE-AP...)
2 103.132.192.30 138552 (RTBHOUSE-...)
4 178.250.0.165 44788 (ASN-CRITE...)
1 34.117.219.39 396982 (GOOGLE-CL...)
81 34
5    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
6    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com
cdn.rawgit.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    2600:9000:223c:9600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
3    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    23.75.245.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-245-170.deploy.static.akamaitechnologies.com
static-tagr.gd1.mookie1.com
4    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
d72d40c4-e463-4c79-a612-c717023ef926.t.ssp.hinet.net
1    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
tw-gmtdmp.mookie1.com
1    2600:9000:2250:f400:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
img.racingcharger.tw
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
1    192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com
static.wixstatic.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
1    13.112.163.33 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-163-33.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
8    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
4    139.162.40.113 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1453-113.members.linode.com
gocm.c.appier.net
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
Apex Domain
Subdomains		 Transfer
15 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 128095
c.holmesmind.com — Cisco Umbrella Rank: 97773
fcm.holmesmind.com Failed
adcdn.holmesmind.com — Cisco Umbrella Rank: 134046
ad.holmesmind.com — Cisco Umbrella Rank: 88592
fp.holmesmind.com — Cisco Umbrella Rank: 136474
65 KB
12 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 33385
gocm.c.appier.net — Cisco Umbrella Rank: 3799
2 KB
9 reurl.cc
reurl.cc — Cisco Umbrella Rank: 243425
storage.reurl.cc
19 KB
8 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 79459
d72d40c4-e463-4c79-a612-c717023ef926.t.ssp.hinet.net
6 KB
6 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 574
127 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 856
837 B
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 119
220 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 760
40 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
3 mookie1.com
static-tagr.gd1.mookie1.com — Cisco Umbrella Rank: 49392
tw-gmtdmp.mookie1.com — Cisco Umbrella Rank: 390401
3 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
5 KB
2 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 14725
340 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 128
www.google.com — Cisco Umbrella Rank: 20
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5351
www.google.de — Cisco Umbrella Rank: 3632
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 195
37 KB
1 alphaloan.co
blog.alphaloan.co
167 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 6857
1 MB
1 creditcards.com.tw
creditcards.com.tw
78 KB
1 racingcharger.tw
img.racingcharger.tw
140 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3393
85 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
709 KB
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 511
5 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 326
664 B
1 re-news.tw
storage.re-news.tw
6 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 940
644 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 341
5 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 11528
723 B
81 28
Domain Requested by
8 ad2.apx.appier.net 4 redirects reurl.cc
8 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
7 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
6 cdn.jsdelivr.net reurl.cc
5 reurl.cc 1 redirects reurl.cc
4 bidder.criteo.com static.criteo.net
4 gocm.c.appier.net 4 redirects
4 c.holmesmind.com 2 redirects reurl.cc
cdn.holmesmind.com
4 pagead2.googlesyndication.com reurl.cc
pagead2.googlesyndication.com
4 storage.reurl.cc reurl.cc
3 static.criteo.net cdn.holmesmind.com
reurl.cc
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 static-tagr.gd1.mookie1.com cdn.holmesmind.com
2 www.facebook.com reurl.cc
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net storage.reurl.cc
connect.facebook.net
1 d72d40c4-e463-4c79-a612-c717023ef926.t.ssp.hinet.net reurl.cc
1 fp.holmesmind.com cdn.holmesmind.com
1 ad.holmesmind.com cdn.holmesmind.com
1 blog.alphaloan.co reurl.cc
1 static.wixstatic.com reurl.cc
1 creditcards.com.tw reurl.cc
1 img.racingcharger.tw reurl.cc
1 i0.wp.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 www.google.de reurl.cc
1 www.google.com reurl.cc
1 stats.g.doubleclick.net www.google-analytics.com
1 static.xx.fbcdn.net www.facebook.com
1 adcdn.holmesmind.com cdn.holmesmind.com
1 tw-gmtdmp.mookie1.com reurl.cc
1 ib.adnxs.com static-tagr.gd1.mookie1.com
1 storage.re-news.tw storage.reurl.cc
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdnjs.cloudflare.com reurl.cc
1 cdn.rawgit.com 1 redirects
0 fcm.holmesmind.com Failed cdn.holmesmind.com
81 40

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
re-news.tw
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2022-03-25 -
2022-06-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2022-05-06 -
2022-08-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-15 -
2022-05-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
static-tagr.gd1.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-03 -
2022-12-01		 a year crt.sh
storage.re-news.tw
GTS CA 1D4		 2022-05-04 -
2022-08-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.ssp.hinet.net
 2021-10-12 -
2022-10-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.gbyhn.com.tw
E1		 2022-04-08 -
2022-07-07		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
tls.automattic.com
R3		 2022-03-17 -
2022-06-15		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-30 -
2022-10-27		 6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh

This page contains 8 frames:

Primary Page: https://reurl.cc/main/tw
Frame ID: 225B6B36E5480D58FC59E830F93D0217
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: BCF6C95C48B94ACFC5CD57BEEB226C5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1004948140419605&output=html&adk=1812271804&adf=3025194257&lmt=1652096995&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652096994977&bpp=2&bdt=380&idt=227&shv=r20220504&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2625490674696&frm=20&pv=2&ga_vid=1998968982.1652096995&ga_sid=1652096995&ga_hid=1035805380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067451%2C31061690%2C31067418&oid=2&pvsid=1926205803216770&pem=454&tmod=465829918&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: 930CFB7B5F35E1A33ABE10F8B6487A2C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 47C3BA8BB14F632CFE60B0892AC22ABE
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 0339BA482672D79D6D65B35210457EE5
Requests: 25 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 221888FA6B0AF27B8C8EB31D3B8284EC
Requests: 2 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 7D3A1D6F399634F89AD8BAA30452B3F7
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9884-C0XjIFd2AQS1HtlPUr6PRhMz8yMswXek&CFFPCKUUID=5276-ZVGKKv5JgH60tAVerWixjH4sAWAxndCb&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: FB1B42935BAAB2E3B5DD457819E797C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

  1. http://reurl.cc/main/tw HTTP 301
    https://reurl.cc/main/tw Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

81
Requests

90 %
HTTPS

43 %
IPv6

28
Domains

40
Subdomains

34
IPs

9
Countries

2790 kB
Transfer

3792 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reurl.cc/main/tw HTTP 301
    https://reurl.cc/main/tw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
  • https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
Request Chain 32
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 36
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 60
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=QF02o5idDyGVUDUo5f94Yg
Request Chain 61
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SYYd-BVQBwGNRHyI5f94Yg
Request Chain 64
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=5Irjoyo4AguWCksy5f94Yg
Request Chain 65
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xaigJlSqD4OtCpgN5f94Yg

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tw
reurl.cc/main/
Redirect Chain
  • http://reurl.cc/main/tw
  • https://reurl.cc/main/tw
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d5301cd65ec3279af99bdebe4a75615a9ce8ec73c43753af888fcd41d5b65316

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 May 2022 11:49:54 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 09 May 2022 11:49:53 GMT
Location
https://reurl.cc/main/tw
Server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4242483
x-jsd-version
4.3.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPROv%2BZeM8FJKn1EXN56eZ%2BDWIKuAi1eQUdHHdMMuRNRIAf953Eq5wyz%2BLfhYDUHr0aZUytE6qjFGF9F4D3W6LgO0CPybD1iU0YkvYu6pcC%2BljQGFNuZc4RRux7jy%2Fu8l6DW8pPq%2Fllww5%2BESok%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
708a36e8bea79290-FRA
style.css
storage.reurl.cc/stylesheets/rwd/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 08:19:10 GMT
via
1.1 google
last-modified
Thu, 05 May 2022 00:38:33 GMT
age
12644
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public,max-age=28800
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1091
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1004948140419605
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fc0dbf4ff4226cd76269ebf476080a5034a8522efa425ca5e04c44936e76a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55909
x-xss-protection
0
server
cafe
etag
2929144954559445893
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 09 May 2022 11:49:54 GMT
pixel.js
storage.reurl.cc/javascripts/ 		470 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:42:13 GMT
via
1.1 google
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
age
14861
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=28800
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
363
clipboard.min.js
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain
  • https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
  • https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4242279
x-jsd-version
1.7.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19180-FRA, cache-hhn4075-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3XNztSVQDu5156Ey1LYdvP%2B2XbLnk01mNrtuwkucCJ7FmMiIsID%2FQ0tpc6aiCHb%2FWYNVk%2FOhYUmw8VbAx1TipOrXSLxw%2BArFBQ4kLpltJItJAdUJ6QP%2FKH9kfEZOj7k6saaZ3i%2FdcW5SNlYkgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
708a36e9fe409a05-FRA

Redirect headers

date
Mon, 09 May 2022 11:49:54 GMT
x-content-type-options
nosniff
cdn-edgestorageid
459
age
9381
access-control-expose-headers
*
x-cache
MISS, HIT
cdn-cachedat
05/09/2022 11:49:54
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
113
server
BunnyCDN-AMS1-879
x-served-by
cache-fra19160-FRA, cache-chi-kigq8000114-CHI
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-requestpullcode
301
location
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
cdn-cache
EXPIRED
vary
Accept-Encoding
cache-control
public, max-age=2592000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9a677b19d2486ee205c316e3344b8769
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
301
cdn-requestpullsuccess
True
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
863451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4224
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6a-3580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGXqwqBZwOR9ZkBcv3Vq7tvo7UmfN92dcbVSAI3ua%2FY6MlrCM4I%2BMzpi9ckTPhUcrIWKkKUO10ONYtTDT3bRw0AQbt%2BsF%2Bbq0pO06xvYuTwd3EBpf%2B0RGemO921BM5zPQ1FXbGLAyy5s6N1ivTUOxtJm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
708a36e90a89697f-FRA
expires
Sat, 29 Apr 2023 11:49:54 GMT
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@9/dist/ 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5965
x-jsd-version
9.17.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19148-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"105f5-IoZ47xa2VqsB8s6EqlY9hdo2pRY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HThIeZ%2BlEdpH8DYjfByoI1uM%2BOBG%2Bk1GGVWXju3NBeOBJf0e3wqMqQxDEOl%2BkIWHPNgLsTHrrN0AFnON8Jpok1aeFCr%2BTIGOgGd1YCpaiDXrhkk0RasSiYONA1B6ugoucEtfaCDvXv%2BMtA8gXSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
708a36e8feed9290-FRA
FileSaver.js
reurl.cc/javascripts/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/FileSaver.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f3481bf12191837d5e19d9526f18fd20fc88395a403c1a0b098eeef10a7f56ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-2fce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 09 May 2023 11:49:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35c6684a7e2ae1c54dfc242f676adb7e5624d580dcf786d021d28b91aae6edaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55924
x-xss-protection
0
server
cafe
etag
6338287770030648257
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 09 May 2022 11:49:54 GMT
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4242481
x-jsd-version
3.4.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQsTOO%2BInRvXzl0PY5%2FhEcbq1OcJmMDiB%2Bl%2BS76iMBy%2BpxdrFN4drLXI9%2FTmH95oFmDxZUQjRJ%2BrMnxeK7yN57m9aJ7dwgy4t3aE3AxoteWPmQWSye7is1q6kSCJaMAKD19oO1%2BNCfyh8uh1sP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
708a36e8beac9290-FRA
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4242291
x-jsd-version
4.4.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA, cache-hhn4059-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5Q%2FW8ODgcz4HITLgAFDrdcijy9nH7qhYSqOAXY0X%2Fv8hyohzJjaqQEUbhef7ifzboOA3JBRgMS8FI%2ByQI0wsnZ83%2BOE%2BFgURukNdkKqVLCiF3xSPR6Qie330D6QfD4zgRhZq92fuv8XVdiDcMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
708a36e8beab9290-FRA
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4242454
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19143-FRA, cache-hhn4073-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf2iVACZN3ODdwxvcQoWfabHyQbwdAlwvJEOQwTqIM96t4l3h%2B83px2LnLP8QXTyydOwPUI4lM3BwKt7iHTjxc6z%2BfL66D1DO0KX5Kf7P2nyIrRnmmyF2qUpgUdWqb2YwddkD7VJgMT%2Ftlc8awA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
708a36e8bea99290-FRA
vue-qrcode.min.js
reurl.cc/javascripts/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
62a62225a4e6e5ea098b9ed6aa19c2149880cbd6d3e0314f2b875a32b1f8ce25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-470c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 09 May 2023 11:49:54 GMT
main.js
reurl.cc/javascripts/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/main.js?v=7
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
00fc5eede87ce2644e673193b3ffce854cad06f548d8a6057acce9c0dbef3b2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 04:36:28 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61a458cc-12bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 09 May 2023 11:49:54 GMT
rwd_cap.js
cdn.holmesmind.com/js/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rwd_cap.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
003c6c7476d2158d18f48473e7071c87f48e8e1cf957343020a148c97ba30482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
BN9WwPCNLHdSgIvzd1_opxGo9OZ3hU5f
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 02:02:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"8fdf120a4b0155367b0b2347946ccc01"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Mon, 09 May 2022 11:49:56 GMT
accept-ranges
bytes
content-length
41735
x-amz-cf-id
dNfEl4LwlvvaG70yYokGSs8LD7oed_OuwaeGWNdqQ926DxOPoYkv9w==
renews.js
storage.reurl.cc/javascripts/ 		698 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 05:33:19 GMT
via
1.1 google
last-modified
Thu, 05 May 2022 00:38:33 GMT
age
22595
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=28800
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
368
ga2.js
storage.reurl.cc/javascripts/ 		618 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 06:56:33 GMT
via
1.1 google
last-modified
Thu, 24 Mar 2022 12:16:16 GMT
age
17601
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=28800
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
389
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
D4we8cBhPxd8lLiRPGOAQc7rRm5HSKrlemjeuDctqSCI8Ji/stntavlwixE824tZ2EjiTFw/8L7h827K4DoB1g==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 09 May 2022 11:49:54 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.58&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a8c3ce2e5b78d7b311a76cfca12199d9c1f5847fefea6fef3ca82468e5b04c0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
YbEmeIYOQy9rEjrBhiAre5cQVYw3t35HIkqd5KXK7hOL0/kGhzuD8m5pTRj2GfToTXEkcAwod8gGWpH5XWQ+Mg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 09 May 2022 11:49:54 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1652096994999
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/ 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1004948140419605&plah=reurl.cc&bust=31067451
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1004948140419605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25a7756dafe16dcbc2247a3178437ba030c2516ec4951971ea3d7391b9a85f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112663
x-xss-protection
0
server
cafe
etag
4185671574743312800
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 09 May 2022 11:49:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame BCF6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1004948140419605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 15:01:53 GMT
etag
1428802124239944296
expires
Sun, 22 May 2022 15:01:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rl=&if=false&ts=1652096995015&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=28&fbp=fb.1.1652096995014.2139152925&it=1652096994774&coo=false&exp=p0&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 09 May 2022 11:49:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		212 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-1004948140419605
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1004948140419605&plah=reurl.cc&bust=31067451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
afefaf9e1bf641fd2fe3458db12fe3bf7d7082ad9dc9354e7e3c1f8dafdcd62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1004948140419605&plah=reurl.cc&bust=31067451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 09 May 2022 11:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1004948140419605&plah=reurl.cc&bust=31067451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 09 May 2022 11:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 11:49:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 930C 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1004948140419605&output=html&adk=1812271804&adf=3025194257&lmt=1652096995&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652096994977&bpp=2&bdt=380&idt=227&shv=r20220504&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2625490674696&frm=20&pv=2&ga_vid=1998968982.1652096995&ga_sid=1652096995&ga_hid=1035805380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067451%2C31061690%2C31067418&oid=2&pvsid=1926205803216770&pem=454&tmod=465829918&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1004948140419605&plah=reurl.cc&bust=31067451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 May 2022 11:49:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tagr_lib_learn_tw_v3.js
static-tagr.gd1.mookie1.com/s1/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_tw_v3.js?tagid=V2_98222&id=ClickForce_Learn
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.245.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-245-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 11:49:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jul 2016 05:38:37 GMT
Server
nginx
ETag
"57999a5d-1153"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1217
checkSegmentsNFI.min.js
static-tagr.gd1.mookie1.com/s1/sas/lh1/ 		1 KB
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.245.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-245-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 11:49:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Nov 2016 14:26:27 GMT
Server
nginx
ETag
"581b4913-428"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
552
capmapping.htm
cdn.holmesmind.com/js/ Frame 47C3 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
3044
content-type
text/html
date
Mon, 09 May 2022 11:49:56 GMT
etag
"b585383190cc538c34a520974872d918"
last-modified
Thu, 24 Mar 2022 11:21:34 GMT
server
AmazonS3
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id
NeaIuY77qKXFqYW0V9djNrY0YwDmZYpNG1cmvRPfHGL_Aq3ziEHzbw==
x-amz-cf-pop
FRA56-P2
x-amz-version-id
bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ 		662 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
20
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 09 May 2022 11:49:38 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
662
x-amz-cf-id
qRQY2d3Zlgg2UkuVxa-am-KP4sWIOLKyqhWxfjhDnqXtKzRvr_MCjQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 0339 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
34
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 09 May 2022 11:49:38 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
6093
x-amz-cf-id
MPX0q1IVKmWN5g_edscCglcd0EkxvYdj5H8KMOVz5Hy5y-K_-zYJWA==
cm
c.holmesmind.com/
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Mon, 09 May 2022 11:49:55 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
feeds
storage.re-news.tw/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
1c3853406d3d40dffcf15259283a27c9b37bc80e2bd796dd31e2ad6d94bb34e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:55 GMT
via
1.1 google
etag
W/"1608-ksp6C/NxjDFHlILYfyh+4FnxwjU"
x-powered-by
Express
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5640
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5446
date
Mon, 09 May 2022 10:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 09 May 2022 12:19:09 GMT
page.php
www.facebook.com/plugins/ Frame 2218 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
51eb4150b928c90af804e2e89974b801270983072762b05303299bd41b5436fd
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 09 May 2022 11:49:55 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Jc87sB6UBb5bqvJhQKrNou/jDmjXAL4/TDHo6xDSHGfJsDJxn0etEAWUanBHg0XcRnKESwMJj+qJiXktyyODZQ==
x-fb-rlafr
0
x-xss-protection
0
cm
c.holmesmind.com/ Frame 47C3
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Mon, 09 May 2022 11:49:55 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame 7D3A 		0
0
utag.js
t.ssp.hinet.net/ Frame 47C3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 09 May 2022 11:59:56 GMT
jpt
ib.adnxs.com/ 		0
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=9990943938
Requested by
Host: static-tagr.gd1.mookie1.com
URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 May 2022 11:49:55 GMT
X-Proxy-Origin
185.213.155.177; 185.213.155.177; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5a206139-2c91-4904-8b33-b50228896e50
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
learn
tw-gmtdmp.mookie1.com/t/v2/ 		43 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tw-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_98222&src.domain=reurl.cc&src.url=%252Fmain%252Ftw&src.id=ClickForce_Learn&src.rand=8567975452
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 11:49:55 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 0339 		898 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=12684
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c78c7112b8c2c2aaa28a1c92691705b8638f9760f86985e64ad6c06c17503adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
UP44-JK5fzHQOFxVyaoVVGXY9cvUzbD0Ad_qCHAq2FvlEjxXSR6tbQ==
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
k6NVHBd2WaU.css
static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ Frame 2218 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/k6NVHBd2WaU.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b29fc8a337f7e1a9690ed671a48fa90138a31fb55b81b65d6406a4a590f23c62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pMRFG2Mckb2Oxgl7A6454Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4686
x-fb-rlafr
0
x-fb-debug
R1GnQJTOvrysuS/qOXeIKVpJgRTBCiyyD2pJx/DIjkRF/5T9HAZtu+SlM/AAUq4aTIuGODkn7s3yoDu73pehlw==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 08 May 2023 14:37:09 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1035805380&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=2128738747&gjid=2003158925&cid=1998968982.1652096995&tid=UA-102456694-1&_gid=1248500627.1652096996&_r=1&_slc=1&z=896233922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 11:49:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1035805380&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=MTg1LjIxMy4xNTUuMTc3&ev=1&_u=IAhAAEABAAAAAC~&jid=&gjid=&cid=1998968982.1652096995&tid=UA-102456694-1&_gid=1248500627.1652096996&z=1646346401
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 15:43:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72387
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=1998968982.1652096995&jid=2128738747&gjid=2003158925&_gid=1248500627.1652096996&_u=IAhAAEAAAAAAAC~&z=65223701
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 09 May 2022 11:49:56 GMT
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=1998968982.1652096995&jid=2128738747&_u=IAhAAEAAAAAAAC~&z=1547817297
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 11:49:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=1998968982.1652096995&jid=2128738747&_u=IAhAAEAAAAAAAC~&z=1547817297
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 11:49:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1651825121-c728b294675ac2048dee88c48c05e122-840x525.png
img.gbyhn.com.tw/2022/05/ 		708 KB
709 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2022/05/1651825121-c728b294675ac2048dee88c48c05e122-840x525.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ecd3c73e09f67ee78dc9c9f63f7a7f9f4f87fb0a26d7b91a2a92e288798f8b2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
725003
last-modified
Fri, 06 May 2022 08:18:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78Kv97O3zsqaAAo8zavBsL51K5cYdH%2FbIHe9YRWonbSJ9TaNm8PZgKWW7UzPkqZ0YpzIJ0XS4mtZz0XsDffyBdFptd1sdsx%2FlWacLFbXdcr%2BaavyDFWtXUGfH0K6%2BwD1E0esked%2BPNRKmCOTi03c"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
708a36f25ab99b74-FRA
expires
Fri, 13 May 2022 08:19:11 GMT
S__58269877.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/04/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2022/04/S__58269877.jpg?fit=1024%2C756&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
15aa3089d4f5ab7809b28e5a70738100120b43b95db8a392288db04db03f3678
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 09 May 2022 11:49:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 May 2022 10:01:10 GMT
server
nginx
etag
"262f8cb2857ae235"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2022/04/S__58269877.jpg>; rel="canonical"
content-length
86382
expires
Tue, 07 May 2024 22:01:10 GMT
2022050608550170.jpg
img.racingcharger.tw/wp-content/uploads/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2022050608550170.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b1bba2b1e98b1fc70a18fe787411ca69b3f703599932d8bbe70465a7087fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
cf-cache-status
HIT
last-modified
Fri, 06 May 2022 08:55:07 GMT
server
cloudflare
age
9707
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhWfy6yGyVezxnhOZ49qeYdLDWZE8bJefHNm3OT29F0YtNsJl0KbJU5ZfTctD%2FDOf7tLF%2FxzWHVjQNukn0lL65X5uvb7STolSGtAk1%2BAjO3e%2FuvzVpfPXqbFKxAcL0I%2Bmv5BkPI8OmEVeSzppmuoXlJ5fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
708a36f27f28929c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
142766
%E5%AF%8C%E9%82%A6-J-Points-%E5%8D%A1%E5%9C%8B%E5%85%A7%E6%B6%88%E8%B2%BB-2-%E5%9B%9E%E9%A5%8B%E7%84%A1%E4%B8%8A%E9%99%90%EF%BC%8C%E4%BF%9D%E8%B2%BB%E5%88%86%E6%9C%9F%E6%A9%98%E5%AD%90%E6%94%AF%E4%...
creditcards.com.tw/wp-content/uploads/2021/07/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2021/07/%E5%AF%8C%E9%82%A6-J-Points-%E5%8D%A1%E5%9C%8B%E5%85%A7%E6%B6%88%E8%B2%BB-2-%E5%9B%9E%E9%A5%8B%E7%84%A1%E4%B8%8A%E9%99%90%EF%BC%8C%E4%BF%9D%E8%B2%BB%E5%88%86%E6%9C%9F%E6%A9%98%E5%AD%90%E6%94%AF%E4%BB%98%E7%B9%B3%E8%B2%BB%E4%BA%AB%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9f6b3db236da81689801fc4fc81c9ec17533844dd6f682cf1956930281f847ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
x-ac
2.hhn _atomic_ams
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-length
79330
x-nc
HIT bur 6
last-modified
Thu, 03 Feb 2022 15:18:57 GMT
server
nginx
etag
"91e23ad5e5d18c5b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sun, 04 Feb 2024 03:18:57 GMT
file.png
static.wixstatic.com/media/8d2acb_cb660b22f7714eea8d383ad7d04bb8a8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/8d2acb_cb660b22f7714eea8d383ad7d04bb8a8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
35f6f7b4013e431ba8883512a6ed3179f7e7bde7712bbe5f952853b3fde790be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 07:31:08 GMT
via
1.1 google
server
openresty/1.19.9.1
age
965928
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
content-length
1065173
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wix-tracer
28PvWh1hOMJFqeDaoZ8OkHrLua1
x-seen-by
image-manipulator-5d686cb9d4-75tr9
%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B68.jpg
blog.alphaloan.co/wp-content/uploads/2022/04/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2022/04/%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B68.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7fe8b88a61735349a26d7c9224d03eacb1773caa6c678369c0fbf9060299423d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
x-ac
2.hhn _atomic_ams
last-modified
Mon, 18 Apr 2022 07:25:45 GMT
server
nginx
etag
"625d1279-299ab"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
170411
expires
Mon, 16 May 2022 11:49:56 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 0339 		0
215 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=12684&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=372&o=1&d=1&b=2&ts=1&ii=undefined&FPCK=5276-ZVGKKv5JgH60tAVerWixjH4sAWAxndCb&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.163.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-163-33.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 09 May 2022 11:49:56 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 0339 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
56
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 09 May 2022 11:49:01 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2773
x-amz-cf-id
rf3NAN36oiFEPrj3fzFl2Z0-9vERIDEf45tQThQwOeANoG8YOW0fHA==
publishertag.js
static.criteo.net/js/ld/ Frame 0339 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 May 2022 11:49:56 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 0339 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
26
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 09 May 2022 11:49:38 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2443
x-amz-cf-id
Tve6xKAsAd1Fdwpok07arzENs6MMsL4dXe3sp5X-j3ozSdzp3-IXcg==
appierV2.js
cdn.holmesmind.com/js/ Frame 0339 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
26
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 09 May 2022 11:49:38 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
3177
x-amz-cf-id
Wj3LGgG5Iw7nQhrmBO1ChU6mf_EAV0XgZjdvKwvOKGpYpbvBFBK8_Q==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 0339 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
26
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 09 May 2022 11:49:38 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2568
x-amz-cf-id
k_6FlKe_avWYU8OHnVP2YtWCX25cxSc0BpxZqRh0fQ4AEpYJ7ZDAQA==
bid
ad2.apx.appier.net/v1/prebid/ Frame 0339
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=QF02o5idDyGVUDUo5f94Yg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=QF02o5idDyGVUDUo5f94Yg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:57 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 09 May 2022 11:49:57 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=QF02o5idDyGVUDUo5f94Yg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 0339
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SYYd-BVQBwGNRHyI5f94Yg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=SYYd-BVQBwGNRHyI5f94Yg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:57 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 09 May 2022 11:49:57 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=SYYd-BVQBwGNRHyI5f94Yg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0339 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 09 May 2022 11:49:56 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0339 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 09 May 2022 11:49:56 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 0339
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=5Irjoyo4AguWCksy5f94Yg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=5Irjoyo4AguWCksy5f94Yg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:57 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 09 May 2022 11:49:57 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=5Irjoyo4AguWCksy5f94Yg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 0339
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xaigJlSqD4OtCpgN5f94Yg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=xaigJlSqD4OtCpgN5f94Yg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:57 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 09 May 2022 11:49:57 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=xaigJlSqD4OtCpgN5f94Yg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 0339 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=61747018573
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 09 May 2022 11:49:55 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ Frame 0339 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=48399438019
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 09 May 2022 11:49:55 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
t.ssp.hinet.net/ Frame 47C3 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1f78f32155da9b7d4b232795844f595a9b5a7ed5f0eec300db3259af56109ba4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
events
bidder.criteo.com/csm/ Frame 0339 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame 0339 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 04 May 2023 11:49:56 GMT
pixel.gif
static.criteo.net/images/ Frame 0339 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 04 May 2023 11:49:56 GMT
events
bidder.criteo.com/csm/ Frame 0339 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
landing.php
fp.holmesmind.com/ Frame FB1B 		0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9884-C0XjIFd2AQS1HtlPUr6PRhMz8yMswXek&CFFPCKUUID=5276-ZVGKKv5JgH60tAVerWixjH4sAWAxndCb&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 May 2022 11:49:56 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 0339 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 09 May 2022 11:59:56 GMT
emome2
t.ssp.hinet.net/ Frame 47C3 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=d72d40c4-e463-4c79-a612-c717023ef926
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame 0339 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a6c9718a5abd5d3936a4322e80a258bd6e9ecc25af84e7df19a78c7ef52e681c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 0339 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=d72d40c4-e463-4c79-a612-c717023ef926
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
cm
t.ssp.hinet.net/ Frame 0339 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9884-C0XjIFd2AQS1HtlPUr6PRhMz8yMswXek&mp=d72d40c4-e463-4c79-a612-c717023ef926
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:57 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
d72d40c4-e463-4c79-a612-c717023ef926.t.ssp.hinet.net/ Frame 0339 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d72d40c4-e463-4c79-a612-c717023ef926.t.ssp.hinet.net/pixel?bd=d72d40c4-e463-4c79-a612-c717023ef926&t=50ef57
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 11:49:58 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| fbq function| _fbq object| adsbygoogle function| $ function| jQuery object| bootstrap function| Vue function| axios function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| VueQrcode object| app object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| saveAs function| saveTextAs function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| cmz number| cmc number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn function| cookie_mapping function| getOS function| getBrowser function| htmlEscape function| getAdSrVariable function| getSubDomain object| xaxParams function| Fingerprint2 object| renews function| getRenewsFeeds string| labelToken string| category string| GoogleAnalyticsObject function| ga object| xaxS object| ElandTracker function| stfpjs object| gaplugins object| gaData object| criteo_syncframe_state

23 Cookies

Domain/Path Name / Value
reurl.cc/ Name: clientIdV2
Value: cffba54ebbd5e8cf93ab7eac0b26c967a93ba79468f823749807212d0638598d9b437168822e12e0108b2e37212907e0cf53ffef00d0dd2f64fb826ac1c15c26d74dc1cf3b62735c8a794f71
reurl.cc/ Name: clientId
Value: cffba54ebbd5e8cf93ab7eac0b26c967a93ba79468f823749807212d0638598d9b437168822e12e0108b2e37212907e0cf53ffef00d0dd2f64fb826ac1c15c26d74dc1cf3b62735c8a794f71
reurl.cc/ Name: lang
Value: tw
.reurl.cc/ Name: _fbp
Value: fb.1.1652096995014.2139152925
.reurl.cc/ Name: __gads
Value: ID=f1b6c10febc56bba-225441cf8fcd00f8:T=1652096995:RT=1652096995:S=ALNI_MZFUIhPNOHQNRmpXEi-_w2qTlBYAg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.reurl.cc/ Name: _ga
Value: GA1.2.1998968982.1652096995
.reurl.cc/ Name: _gid
Value: GA1.2.1248500627.1652096996
.reurl.cc/ Name: _gat
Value: 1
.mookie1.com/ Name: id
Value: 10526953023888087316
.mookie1.com/ Name: mdata
Value: 1|10526953023888087316|1652096995997
.mookie1.com/ Name: ov
Value: d5e31484eaf89849c2223c9f388c52f0
.holmesmind.com/ Name: Vision
Value: 20220509-23:59,20220509-22,20220509-22,20220509-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 683949-NAWVp8XH1MrSCCCgjOJ0hLuUCd3ibTtz
reurl.cc/ Name: CFFPCKUUID
Value: 5276-ZVGKKv5JgH60tAVerWixjH4sAWAxndCb
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 9884-C0XjIFd2AQS1HtlPUr6PRhMz8yMswXek
.hinet.net/ Name: uuid
Value: d72d40c4-e463-4c79-a612-c717023ef926
.reurl.cc/ Name: __htid
Value: d72d40c4-e463-4c79-a612-c717023ef926
.reurl.cc/ Name: _ht_em
Value: 1
.c.appier.net/ Name: _auid
Value: 5Irjoyo4AguWCksy5f94Yg
.reurl.cc/ Name: _ht_50ef57
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1004948140419605&output=html&adk=1812271804&adf=3025194257&lmt=1652096995&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652096994977&bpp=2&bdt=380&idt=227&shv=r20220504&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2625490674696&frm=20&pv=2&ga_vid=1998968982.1652096995&ga_sid=1652096995&ga_hid=1035805380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067451%2C31061690%2C31067418&oid=2&pvsid=1926205803216770&pem=454&tmod=465829918&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.holmesmind.com
ad2.apx.appier.net
adcdn.holmesmind.com
adservice.google.com
adservice.google.de
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
connect.facebook.net
creditcards.com.tw
d72d40c4-e463-4c79-a612-c717023ef926.t.ssp.hinet.net
fcm.holmesmind.com
fp.holmesmind.com
gocm.c.appier.net
googleads.g.doubleclick.net
i0.wp.com
ib.adnxs.com
img.gbyhn.com.tw
img.racingcharger.tw
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-asia.creativecdn.com
reurl.cc
static-tagr.gd1.mookie1.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tw-gmtdmp.mookie1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
fcm.holmesmind.com
103.132.192.30
13.112.163.33
139.162.40.113
142.250.186.162
178.250.0.165
185.33.221.13
192.0.77.2
192.0.78.187
192.0.78.244
203.75.214.136
23.75.245.170
2600:9000:223c:9600:0:e06c:e940:93a1
2600:9000:2250:f400:3:1794:2540:93a1
2606:4700::6810:5914
2606:4700::6811:190e
2a00:1450:4001:803::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9a
2a02:2638::3
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a06:98c1:3121::a
34.102.176.152
34.117.219.39
34.149.98.30
34.96.119.68
35.185.130.121
35.201.76.93
35.227.202.26
35.244.196.223
84.17.46.53
003c6c7476d2158d18f48473e7071c87f48e8e1cf957343020a148c97ba30482
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fc5eede87ce2644e673193b3ffce854cad06f548d8a6057acce9c0dbef3b2d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
15aa3089d4f5ab7809b28e5a70738100120b43b95db8a392288db04db03f3678
1c3853406d3d40dffcf15259283a27c9b37bc80e2bd796dd31e2ad6d94bb34e0
1f78f32155da9b7d4b232795844f595a9b5a7ed5f0eec300db3259af56109ba4
25a7756dafe16dcbc2247a3178437ba030c2516ec4951971ea3d7391b9a85f72
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0
35c6684a7e2ae1c54dfc242f676adb7e5624d580dcf786d021d28b91aae6edaf
35f6f7b4013e431ba8883512a6ed3179f7e7bde7712bbe5f952853b3fde790be
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4ecd3c73e09f67ee78dc9c9f63f7a7f9f4f87fb0a26d7b91a2a92e288798f8b2
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51eb4150b928c90af804e2e89974b801270983072762b05303299bd41b5436fd
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5fc0dbf4ff4226cd76269ebf476080a5034a8522efa425ca5e04c44936e76a06
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
62a62225a4e6e5ea098b9ed6aa19c2149880cbd6d3e0314f2b875a32b1f8ce25
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
7fe8b88a61735349a26d7c9224d03eacb1773caa6c678369c0fbf9060299423d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
8a8c3ce2e5b78d7b311a76cfca12199d9c1f5847fefea6fef3ca82468e5b04c0
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9f6b3db236da81689801fc4fc81c9ec17533844dd6f682cf1956930281f847ee
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b1bba2b1e98b1fc70a18fe787411ca69b3f703599932d8bbe70465a7087fb7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c9718a5abd5d3936a4322e80a258bd6e9ecc25af84e7df19a78c7ef52e681c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41
afefaf9e1bf641fd2fe3458db12fe3bf7d7082ad9dc9354e7e3c1f8dafdcd62b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29fc8a337f7e1a9690ed671a48fa90138a31fb55b81b65d6406a4a590f23c62
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d
c78c7112b8c2c2aaa28a1c92691705b8638f9760f86985e64ad6c06c17503adc
d5301cd65ec3279af99bdebe4a75615a9ce8ec73c43753af888fcd41d5b65316
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3481bf12191837d5e19d9526f18fd20fc88395a403c1a0b098eeef10a7f56ab