urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reurl.cc/xm7nmj
Effective URL: https://reurl.cc/xm7nmj
Submission: On January 08 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 9 countries across 36 domains to perform 203 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 102175.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 35.185.130.121 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.149.98.30 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 203.66.35.99 3462 (HINET Dat...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a02:2638:3::3 44788 (ASN-CRITE...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.97 16509 (AMAZON-02)
22 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 54.78.109.25 16509 (AMAZON-02)
2 6 2a02:2638:3::c 44788 (ASN-CRITE...)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.6 44788 (ASN-CRITE...)
1 35.244.159.8 396982 (GOOGLE-CL...)
2 54.64.241.212 16509 (AMAZON-02)
5 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 116.50.36.71 18046 (DONGFONG-...)
2 52.195.28.90 16509 (AMAZON-02)
1 34.95.67.231 ()
1 18.177.171.42 16509 (AMAZON-02)
8 203.75.214.136 3462 (HINET Dat...)
1 2 35.201.76.93 396982 (GOOGLE-CL...)
1 1 142.250.184.194 15169 (GOOGLE)
1 35.227.249.156 396982 (GOOGLE-CL...)
1 103.132.192.30 138552 (RTBHOUSE-...)
1 210.59.219.34 3462 (HINET Dat...)
2 4 35.190.36.98 15169 (GOOGLE)
2 2 172.105.221.29 63949 (AKAMAI-LI...)
5 2a03:2880:f17... 32934 (FACEBOOK)
1 35.244.196.223 396982 (GOOGLE-CL...)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
12 2a00:1450:400... 15169 (GOOGLE)
25 2a03:2880:f08... 32934 (FACEBOOK)
1 35.185.136.122 396982 (GOOGLE-CL...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.0.78.25 2635 (AUTOMATTIC)
1 61.216.47.122 3462 (HINET Dat...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.160.81.203 396982 (GOOGLE-CL...)
1 2600:9000:205... 16509 (AMAZON-02)
1 192.0.78.187 2635 (AUTOMATTIC)
203 56
2    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
1    203.66.35.99 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-66-35-99.hinet-ip.hinet.net
ad-specs.guoshipartners.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
22    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
tpc.googlesyndication.com
a8d2c0901941af5f97d782c8302a05fc.safeframe.googlesyndication.com
5    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    54.78.109.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-109-25.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
15    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2600:9000:2250:3a00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
2    54.64.241.212 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-241-212.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
5    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
2    52.195.28.90 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-195-28-90.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
1    34.95.67.231 (None, )

ASN- ()
fcm.holmesmind.com
1    18.177.171.42 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-171-42.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
8    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
680ec374-4b0c-4248-a119-71fc165573ee.t.ssp.hinet.net
2    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
1    210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
4    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
2    172.105.221.29 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-29.members.linode.com
gocm.c.appier.net
5    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
12    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
25    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
scontent.xx.fbcdn.net
connect.facebook.net
1    35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com
re-news.tw
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    192.0.78.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net
img.racingcharger.tw
1    2606:4700::6811:efc2 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    34.160.81.203 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.81.160.34.bc.googleusercontent.com
www.rayskyinvest.com
1    2600:9000:2057:8c00:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
Apex Domain
Subdomains		 Transfer
34 googlesyndication.com
1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
a8d2c0901941af5f97d782c8302a05fc.safeframe.googlesyndication.com
175 KB
24 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 770
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 263
570 KB
19 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 109334
ad.holmesmind.com — Cisco Umbrella Rank: 88264
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 133291
fcm.holmesmind.com
fcm2.holmesmind.com — Cisco Umbrella Rank: 115904
c.holmesmind.com — Cisco Umbrella Rank: 94756
m.holmesmind.com — Cisco Umbrella Rank: 147587
99 KB
18 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8571
csm.eu.criteo.net — Cisco Umbrella Rank: 7743
124 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
383 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 323
310 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
ads.eu.criteo.com — Cisco Umbrella Rank: 7692
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10138
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14817
bidder.criteo.com — Cisco Umbrella Rank: 878
63 KB
8 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 81842
680ec374-4b0c-4248-a119-71fc165573ee.t.ssp.hinet.net
7 KB
8 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2014
www.google.com — Cisco Umbrella Rank: 6
2 KB
6 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 78820
gocm.c.appier.net — Cisco Umbrella Rank: 4327
2 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
50 KB
5 reurl.cc
reurl.cc — Cisco Umbrella Rank: 102175
storage.reurl.cc — Cisco Umbrella Rank: 379939
6 KB
4 gstatic.com
fonts.gstatic.com
98 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
4 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2214
google-bidout-d.openx.net — Cisco Umbrella Rank: 2217
784 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 re-news.tw
storage.re-news.tw
re-news.tw
31 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
129 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
12 KB
2 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19327
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 4002
515 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
57 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
54 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 8129
248 KB
1 rayskyinvest.com
www.rayskyinvest.com
892 KB
1 prnasia.com
mma.prnasia.com
107 KB
1 racingcharger.tw
img.racingcharger.tw
198 KB
1 creditcards.com.tw
creditcards.com.tw
78 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
94 KB
1 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 91767
2 KB
1 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 125833
470 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2532
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
5 KB
1 guoshipartners.com
ad-specs.guoshipartners.com — Cisco Umbrella Rank: 158569
42 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
93 KB
203 36
Domain Requested by
22 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
19 tpc.googlesyndication.com reurl.cc
securepubads.g.doubleclick.net
1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
tpc.googlesyndication.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
12 pagead2.googlesyndication.com www.googletagservices.com
reurl.cc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
12 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
www.googletagservices.com
11 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdn.holmesmind.com
reurl.cc
10 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
7 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
5 www.facebook.com reurl.cc
static.xx.fbcdn.net
5 imageproxy.eu.criteo.net ads.eu.criteo.com
5 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
4 ad2.apx.appier.net 2 redirects reurl.cc
4 fonts.gstatic.com fonts.googleapis.com
4 gum.criteo.com 2 redirects static.criteo.net
3 fonts.googleapis.com securepubads.g.doubleclick.net
3 region1.analytics.google.com www.googletagmanager.com
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
3 storage.reurl.cc reurl.cc
2 scontent.xx.fbcdn.net www.facebook.com
2 bidder.criteo.com static.criteo.net
2 gocm.c.appier.net 2 redirects
2 c.holmesmind.com 1 redirects cdn.holmesmind.com
2 cm-dev-poc.holmesmind.com cdn.holmesmind.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 ad.holmesmind.com cdn.holmesmind.com
2 www.googletagservices.com securepubads.g.doubleclick.net
1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
2 mug.criteo.com reurl.cc
2 oajs.openx.net 1 redirects reurl.cc
2 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google.de reurl.cc
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 cdn.jsdelivr.net reurl.cc
2 reurl.cc 1 redirects
1 680ec374-4b0c-4248-a119-71fc165573ee.t.ssp.hinet.net cdn.holmesmind.com
1 a8d2c0901941af5f97d782c8302a05fc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 connect.facebook.net fcm2.holmesmind.com
1 blog.alphaloan.co reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 mma.prnasia.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 re-news.tw reurl.cc
1 storage.re-news.tw storage.reurl.cc
1 prebid.scupio.com cdn.holmesmind.com
1 prebid-asia.creativecdn.com cdn.holmesmind.com
1 m.holmesmind.com cdn.holmesmind.com
1 cm.g.doubleclick.net 1 redirects
1 fcm2.holmesmind.com cdn.holmesmind.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 cm.lndata.com cdn.holmesmind.com
1 rtb.nl3.eu.criteo.com 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 googleads.g.doubleclick.net reurl.cc
1 ads.eu.criteo.com 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 ad-specs.guoshipartners.com reurl.cc
1 www.googletagmanager.com reurl.cc
203 64

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2023-12-10 -
2024-03-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
ad-specs.guoshipartners.com
Go Daddy Secure Certificate Authority - G2		 2024-01-02 -
2025-01-21		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-21		 3 months crt.sh
*.lndata.com
GeoTrust G5 TLS RSA4096 SHA384 2022 CA1		 2023-12-04 -
2024-12-07		 a year crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-27 -
2024-10-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-01-15		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-12-07 -
2024-03-06		 3 months crt.sh
re-news.tw
R3		 2023-12-28 -
2024-03-27		 3 months crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
tls.automattic.com
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
*.rayskyinvest.com
R3		 2024-01-03 -
2024-04-02		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-01 -
2024-06-29		 6 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 22 frames:

Primary Page: https://reurl.cc/xm7nmj
Frame ID: 49A1063250B5B90806C48520AC3ADE42
Requests: 40 HTTP requests in this frame

Frame: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 27E537461878846D80E7D2FF26205737
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: BD787AB9844A1E40345D8369A941D19D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 479B9A8F5DE7E6E6BEC28363187FB58D
Requests: 15 HTTP requests in this frame

Frame: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67176804A2EF374F88437956F6B96ABB
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 7A553A68A172E6DADB5B63564B680231
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_s3u8FC-igVKenIxaL20ENqNyrRr5dWzCeIhhe_Klbt0H8gnU09h1e0gIAX6sL8deS1uWUd1q0TM-kEYjwJlysbPtYUdZloWlrM-428KizBeZSg_liRpt-7XCiJEdqmbZOL9pePKyRjZ-HZVTFd0I9FqIzflxQcg0YCD0rB5GoAv8R8CUkwkbwpjBiiwCi9jNCW9YlGPalcFRJ13liAKzpJYNJ6vlzTJE0oZBzghr_TOHWzM53mH-MbYitMI8Xhk_xwAB8UigmTqmlbZ57z6dHIcqULPeMdaA6wcyT6laui5TcwyCtmhaiq4F-2CIbj8W-PRgG1OTIIu7f0JXyCOpTaYQDRQegFR-07RCVm9f-QIe9Nb1cSsyZCBw3wXq8agBfPdANuSyx8A&sai=AMfl-YSu6NvvK1RJzukjEyXb0PyYLd9CukRPbHclZ92EIjUuzGHMETuPZ31qmn4XIozxEaWyb-ar7MixmWod3LLzpOXXUWnoj0nc7bBp8dla7mJk8eUsTkp8wuQcDK_t-fomQ4Rwy1ZlwLhUOWdv1cbr2X4&sig=Cg0ArKJSzGK85RCiFh-rEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 908F97AAE3E2EFD15343A4F59FD7613D
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: C6C07DD67A2D2EB7E9614D38C856FA46
Requests: 16 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 1D1AFB66A307C2FB2EEA4832D3C3C6A5
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 4D3496E9DC377E21F89FB4D15D38FCA2
Requests: 22 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2ED2573A69451594B82A314F64B52ABA
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 1513A812ABFF10895F9BD3CC68ABF1C7
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 849F0B8EB5BCDABB5C541C766E1D6B92
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 405A670C75C181541B58E76159474587
Requests: 36 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 64FE5A51208AF73BC77146476C73EA10
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: F3D9C5BFAA3219CB40DBD2934AF29D59
Requests: 6 HTTP requests in this frame

Frame: https://a8d2c0901941af5f97d782c8302a05fc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 80AE55D2E55FFDE8396CCAD5460D0CC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8BCEF21BF9658807A06A43AC79D7AB33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A75A4242C582206A9E396B2407EBD68
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032312191621000/amp4ads-v0.mjs
Frame ID: 84CB4C2DF70019A1DB2636E63CFCECDD
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 065B638872C2D80FA8C72D7DCA572ACC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C96A5E3F3171C373A7EA5D802773010B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

  1. http://reurl.cc/xm7nmj HTTP 301
    https://reurl.cc/xm7nmj Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

203
Requests

93 %
HTTPS

47 %
IPv6

36
Domains

64
Subdomains

56
IPs

9
Countries

4146 kB
Transfer

8909 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reurl.cc/xm7nmj HTTP 301
    https://reurl.cc/xm7nmj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fxm7nmj&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fxm7nmj&rid=esp&cc=1
Request Chain 28
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=39WSMHxqRG5QVzFiekN0aEdPcFRUVW1KSHNXMmtSZnZraGVtMWM3VWUwZ294Nk85VHhJVy9UWEpwL1FsVHBNYmlPZ3lDMHpVSHV1anpxZUwzTHJURlk5SHoxOXg1OE9Hdit5NUlmME1SNHA4YzVLbGQzN3FMaTFmZWRhNks3VVVhM1E2bFdYc2hSVWM1OGx0QzVlZ0tUMzlZamN0STV0SzU0czdmSzVEUlN0Znc3SmJqVDAyaEM3S3Q5dmJ4ZERWWTJtU3JwbE4xSFpScGVPV2RvVVVmVSt4MzFySlZjdEpya1hOS3lYSzVtTnFJaXh2elZ0TTNKT3VaMEI4WW5jM05NekkwRTZtdSs5VHE5ZDVOUm04VDlHeXh4dz09fA&cppv=2
Request Chain 66
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 94
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEODqvd09V62mP8EfDMvz8Lw&google_cver=1
Request Chain 105
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=nzC5lkHcA3SzwqZDCkmbZQ
Request Chain 106
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vLyn4d6mA8iagMbDCkmbZQ
Request Chain 113
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=2ByGBl9tM1NEeENKU3FReHpJMW5HQlZtRTEwMkw1VjdmMUclMkZPNHRoaHI1ZXZidGdLZ1VqaXBjYVdvaGxxNUtuOSUyQk5uZ0VJbjclMkZKOHBOJTJGJTJGanMzJTJGV3pCR3hlUkdXcWE5VnF3U1h6MTFDSG1MbnFhSTdTcWJ4R1BvNGZKTVJiNnN3ZFk3dk16RG5UU1NHVGxCUFRnUE8lMkZDenpaUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_tzb8HxML1NXdVgrK2QwSVpSOWkrQ1hZQUlnVDRPYXNZSkswd01kVmI1a3RqNG91TGtGT2xjTnlVNHk1WG02aEltZmlpcGNMTXJxVzdsMWk4c21uZW1HNWd6RVFvaE5xUWVrSkE4aGNsankwMlNnbmhiOTRmOHJmRXFJZFJrRFVpRFFITHZNNU42c1pDZ2ZaMmNBNkRRTThBcEV6a3pVaUhBTG1qZXJ0eXlmWlM3SDVZbjFBNFJwVTNIMEdmd2RHcTZ5eCtPVmNZcHVyaUtyLzNMd0FibkdiUkxmQjhLeTE5OVF5TXNFdEtxVXNnSVF0cWhEdWMrU3dJR3VDNE9ocVh5VkYvb294YkxNUktLL2xkTStWVkxHUEtsQzlCU01kOGZuT1pZMm5wZHlVSksyWT18&cppv=2

203 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xm7nmj
reurl.cc/
Redirect Chain
  • http://reurl.cc/xm7nmj
  • https://reurl.cc/xm7nmj
16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c36a45d686bd609a7bd0240140021ad73effe66c9d62b711a3cebe4641a66309

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 08 Jan 2024 00:59:50 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding Origin
x-request-id
ed96f456-e078-4f5f-86a2-3a116a366f4b

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 08 Jan 2024 00:59:50 GMT
Location
https://reurl.cc/xm7nmj
Server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1451608
x-jsd-version
4.3.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230028-FRA, cache-lga21960-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaY2KJS3HH8yE%2BuTfs3zFxdqZ1PUCsOA250hidh9kAfh9F%2BpFM%2FXgNsIweD3BSa2Y0AwdDC%2BGqOFaWPkkxzzaYT2gW%2B2XjAKhE0%2B38KJ2U2GiH%2F4oYO%2FjAq8tnllLbHFS1Dpr3nPbUvy3O9%2Fg5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8420800b8e8f5c02-FRA
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 22:25:30 GMT
content-encoding
gzip
via
1.1 google
age
9260
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
054439ab-00e4-41eb-b0db-6452e9b3b4a4
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ga2.js
storage.reurl.cc/javascripts/ 		536 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:49:13 GMT
content-encoding
gzip
via
1.1 google
age
25838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-request-id
240bca3e-428a-4862-b022-438300aa7e75
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		281 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80cf89ef55bcd0bb8f2774c1047251f30edf7a6be6289904a65417c39e5b7db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94763
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 Jan 2024 00:59:51 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f32b89ca171d5599478d9b1b297caa391f5fd655ec6c0ea512304a584f17070c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29323
x-xss-protection
0
server
cafe
etag
303 / 19730 / 31080221 / config-hash: 2026918608723226553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 08 Jan 2024 00:59:51 GMT
onead-lib.min.js
ad-specs.guoshipartners.com/static/js/ 		152 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/onead-lib.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.99 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-99.hinet-ip.hinet.net
Software
HiNetCDN/2310 / OneAD
Resource Hash
3c5ae3fe83f4faf2b19e61636508288d1c0e9ea8139739cde1d1a7a24d5c516b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
via
1.1 google
content-encoding
br
age
0
x-powered-by
OneAD
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Wed, 03 Jan 2024 08:24:53 GMT
server
HiNetCDN/2310
etag
W/"659519d5-261af"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-varnish
38062090
cache-control
public, max-age=360
access-control-allow-credentials
true
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3453980
x-jsd-version
2.5.16
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230034-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq9N%2BqkZ9DBzYUtRxyKt0%2FqCdF4X1%2Fy1SOad%2FSyNKJ4u0ezcVyeSgzdj8e0Ut2%2FXtFxxwalT%2BHgku0Frtlnvnym34F9uHVX2jY62YkEEPf%2F2XxGckD7Yejz0w8DsJHmGcacp9D7b5psB6Il%2Bz74%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8420800b8e905c02-FRA
renews.js
storage.reurl.cc/javascripts/ 		412 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:57:55 GMT
content-encoding
gzip
via
1.1 google
age
25315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-request-id
c36bdcfe-e6cf-4879-94d4-7349e7ef5e5d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 23:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5846
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 08 Jan 2024 01:22:25 GMT
collect
www.google-analytics.com/j/ 		4 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=634054937&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fxm7nmj&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1590513755&gjid=322986960&cid=2071837822.1704675591&tid=UA-102456694-1&_gid=1376516903.1704675591&_r=1&_slc=1&z=1839789760
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/xm7nmj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=634054937&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fxm7nmj&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=2071837822.1704675591&tid=UA-102456694-1&_gid=1376516903.1704675591&z=1510316451
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 02:51:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79680
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 15:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
34619
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 06 Jan 2025 15:22:52 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=2071837822.1704675591&jid=1590513755&gjid=322986960&_gid=1376516903.1704675591&_u=IEBAAEAAAAAAACAAI~&z=1563495969
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/xm7nmj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 08 Jan 2024 00:59:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je4130v897965293&_p=1704675591010&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2071837822.1704675591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704675591&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fxm7nmj&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1683
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=2071837822.1704675591&gtm=45je4130v897965293&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=2071837822.1704675591&gtm=45je4130v897965293&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=860650690
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 21 Dec 2023 07:50:16 GMT
server
nginx
etag
W/"6583ee38-a9b8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 09 Jan 2024 00:59:51 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
363267
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8420800f4d36451c-TXL
expires
Thu, 11 Jan 2024 00:59:51 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 18:20:42 GMT
content-encoding
gzip
age
196749
x-guploader-uploadid
ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 04 Jan 2025 18:20:42 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
fb6ca1d9ecc2ba2f611232cef431fb23
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:37:13 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
69759
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
7g_Rr-1Q-JxgWoWBERhkkVDODNHYhFY74js7D5pIoz8e5bvgQwNrFQ==
ads
securepubads.g.doubleclick.net/gampad/ 		185 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=81169713719398&correlator=922856304011774&eid=31079958%2C31080221&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704675591449&lmt=1704675591&adxs=245%2C625%2C245%2C1005&adys=498%2C108%2C108%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fxm7nmj&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250&msz=1110x90%7C350x250%7C350x250%7C350x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=2071837822.1704675591&ga_sid=1704675591&ga_hid=634054937&ga_fc=true&dlt=1704675590867&idt=537&adks=81851380%2C1451399479%2C827794272%2C3242553145&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25289bcfb720b8796e4c231b84d39cb9d58260cfac73cdedf199c2cf7cbcc8d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37357
x-xss-protection
0
google-lineitem-id
-1,-1,-1,6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 27E5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:51 GMT
expires
Tue, 07 Jan 2025 00:59:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=2071837822.1704675591&jid=1590513755&_u=IEBAAEAAAAAAACAAI~&z=933642483
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=2071837822.1704675591&jid=1590513755&_u=IEBAAEAAAAAAACAAI~&z=933642483
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fxm7nmj&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fxm7nmj&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fxm7nmj&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
481ae4bd77708e55c79012e6d70d9d1b63e1dc4bad828e936158c9ce841de9df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-0LxWohL+OJ5//6wawCQLy2EuqsU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 08 Jan 2024 00:59:51 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2Fxm7nmj&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/ 		60 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.109.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-109-25.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b37fae3522c0c7b93a2dd89992c4874599e5450f3c86f46999cd8f9b93ab1f0f

Request headers

Referer
https://reurl.cc/xm7nmj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.45.24.148
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame BD78 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:50 GMT
server
Kestrel
server-processing-duration-in-ticks
332572
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame BD78
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=39WSMHxqRG5QVzFiekN0aEdPcFRUVW1KSHNXMmtSZnZraGVtMWM3VWUwZ294Nk85VHhJVy9UWEpwL1FsVHBNYmlPZ3lDMHpVSHV1anpxZUwzTHJURlk5SHoxOXg1OE9Hdit5NUlmME1SNHA4YzVLbGQzN3FMaTFmZWRhNk...
436 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=39WSMHxqRG5QVzFiekN0aEdPcFRUVW1KSHNXMmtSZnZraGVtMWM3VWUwZ294Nk85VHhJVy9UWEpwL1FsVHBNYmlPZ3lDMHpVSHV1anpxZUwzTHJURlk5SHoxOXg1OE9Hdit5NUlmME1SNHA4YzVLbGQzN3FMaTFmZWRhNks3VVVhM1E2bFdYc2hSVWM1OGx0QzVlZ0tUMzlZamN0STV0SzU0czdmSzVEUlN0Znc3SmJqVDAyaEM3S3Q5dmJ4ZERWWTJtU3JwbE4xSFpScGVPV2RvVVVmVSt4MzFySlZjdEpya1hOS3lYSzVtTnFJaXh2elZ0TTNKT3VaMEI4WW5jM05NekkwRTZtdSs5VHE5ZDVOUm04VDlHeXh4dz09fA&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
216d243d50d12dd0b4f3a5dd759511e5bf113a9996a1fe8fb83273aa6b3c8b59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1200783
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=39WSMHxqRG5QVzFiekN0aEdPcFRUVW1KSHNXMmtSZnZraGVtMWM3VWUwZ294Nk85VHhJVy9UWEpwL1FsVHBNYmlPZ3lDMHpVSHV1anpxZUwzTHJURlk5SHoxOXg1OE9Hdit5NUlmME1SNHA4YzVLbGQzN3FMaTFmZWRhNks3VVVhM1E2bFdYc2hSVWM1OGx0QzVlZ0tUMzlZamN0STV0SzU0czdmSzVEUlN0Znc3SmJqVDAyaEM3S3Q5dmJ4ZERWWTJtU3JwbE4xSFpScGVPV2RvVVVmVSt4MzFySlZjdEpya1hOS3lYSzVtTnFJaXh2elZ0TTNKT3VaMEI4WW5jM05NekkwRTZtdSs5VHE5ZDVOUm04VDlHeXh4dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
242975
content-length
0
expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 479B 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 11:48:30 GMT
age
393081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 11:48:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 479B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 11:48:30 GMT
age
393081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 11:48:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 479B 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 11:48:30 GMT
age
393081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 11:48:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 479B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 11:48:31 GMT
age
393080
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 11:48:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 479B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 11:22:55 GMT
age
221816
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Jan 2025 11:22:55 GMT
css
fonts.googleapis.com/ Frame 479B 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 00:30:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Jan 2024 00:59:52 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 479B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:14:23 GMT
x-content-type-options
nosniff
server
cafe
age
27928
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Mon, 08 Jan 2024 17:14:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 479B 		344 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 19:01:23 GMT
x-content-type-options
nosniff
server
cafe
age
21508
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 08 Jan 2024 19:01:23 GMT
container.html
1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6717 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:51 GMT
expires
Tue, 07 Jan 2025 00:59:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 7A55 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 11:48:30 GMT
age
393081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 11:48:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7A55 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 11:48:30 GMT
age
393082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 11:48:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7A55 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 11:48:30 GMT
age
393082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 11:48:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7A55 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 11:48:31 GMT
age
393081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 11:48:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7A55 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 11:22:55 GMT
age
221817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Jan 2025 11:22:55 GMT
css
fonts.googleapis.com/ Frame 7A55 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 00:45:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Jan 2024 00:59:52 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7A55 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:14:23 GMT
x-content-type-options
nosniff
server
cafe
age
27928
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Mon, 08 Jan 2024 17:14:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7A55 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 19:01:23 GMT
x-content-type-options
nosniff
server
cafe
age
21508
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 08 Jan 2024 19:01:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 908F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_s3u8FC-igVKenIxaL20ENqNyrRr5dWzCeIhhe_Klbt0H8gnU09h1e0gIAX6sL8deS1uWUd1q0TM-kEYjwJlysbPtYUdZloWlrM-428KizBeZSg_liRpt-7XCiJEdqmbZOL9pePKyRjZ-HZVTFd0I9FqIzflxQcg0YCD0rB5GoAv8R8CUkwkbwpjBiiwCi9jNCW9YlGPalcFRJ13liAKzpJYNJ6vlzTJE0oZBzghr_TOHWzM53mH-MbYitMI8Xhk_xwAB8UigmTqmlbZ57z6dHIcqULPeMdaA6wcyT6laui5TcwyCtmhaiq4F-2CIbj8W-PRgG1OTIIu7f0JXyCOpTaYQDRQegFR-07RCVm9f-QIe9Nb1cSsyZCBw3wXq8agBfPdANuSyx8A&sai=AMfl-YSu6NvvK1RJzukjEyXb0PyYLd9CukRPbHclZ92EIjUuzGHMETuPZ31qmn4XIozxEaWyb-ar7MixmWod3LLzpOXXUWnoj0nc7bBp8dla7mJk8eUsTkp8wuQcDK_t-fomQ4Rwy1ZlwLhUOWdv1cbr2X4&sig=Cg0ArKJSzGK85RCiFh-rEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 08 Jan 2024 00:59:51 GMT
init.js
cdn.holmesmind.com/js/ Frame 908F 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Mon, 08 Jan 2024 00:59:30 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
23
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
gmEpHVu2akzoAzSO1lZevm3bFYVau1hzgVz6vQ4PTm0wwQHxIqqc4w==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 908F 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jan 2024 00:59:52 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/6756733972184894635/ Frame 479B 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6756733972184894635/6592766407814317453
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18aa600d58f6f0deccf99a07d38ed8b2a769534a7cdfb64034ad9ddc21ab3946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 06 Jan 2025 07:30:29 GMT
date
Sun, 07 Jan 2024 07:30:29 GMT
x-content-type-options
nosniff
age
62962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 07:26:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/17737671929679260944/ Frame 479B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17737671929679260944/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd8cd01ccf932584b849e4f349b58841f1d2414be0b913d7147cb415df1d2255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 01:12:53 GMT
date
Tue, 02 Jan 2024 01:12:53 GMT
x-content-type-options
nosniff
age
517618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1539
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 07:26:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 479B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a17a5f5ddc3bed1d2ad069d4b85215268db3cc7e5da15b7df02575791dc9b3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7A55 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f31d63a7a5020a3bd60efc643ea14564a58a9b23a2640375858f535c67a0db5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je4130v897965293&_p=1704675591010&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2071837822.1704675591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704675591&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fxm7nmj&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=15&tfd=2316
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame C6C0 		145 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
URL: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d0fee1349b0d0d7b6394a9a6e82fad7824bded94423ac66d143059dce83ca42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=IIferRx65iqJAuwW0gpLSWYHUgNoWV53rWqYwoczJhZXWkLrrmVe1C2efjHf12qP4ggfDIRjARli-eodSbAe2foVCBAq3yVdEKXavqUzaUYhtwJU-oST5J1rJ8pR5GdONrYHpoDzLXTRBm1xbPUKDiSCv6hI4_RZKsXbe-UlC-FE6gwbIWyNnZ4577N81SvW-s4b-QCDWzdOR7dBSk-ulkGl3-z2TOk_QzzX7KbUrRl2WIEoRj_dfIrCFNMXE8j4YkWnmA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
42129784
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6717 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
URL: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
37387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:36:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6717 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
URL: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
37389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:36:43 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6717 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
URL: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 18:34:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
455109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Jan 2025 18:34:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6717 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
URL: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jan 2024 00:59:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 479B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
202831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 479B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:57:14 GMT
x-content-type-options
nosniff
age
259358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 00:57:14 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7A55 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options
nosniff
age
507517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 04:01:15 GMT
truncated
/ Frame 6717 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ac28fcad95e83b09be2c4ebdce00606ad75b6583f19b6fa33be830ca0a03d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
capmapping.htm
cdn.holmesmind.com/js/ Frame 1D1A 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
9921
content-type
text/html
date
Mon, 08 Jan 2024 00:59:53 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-id
HYQWmyWLdh7gSDd7YRirQ1KTrlBHiEyNRU_a3_QBLMzpOAdfUFILcg==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
RefreshHit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 4D34 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Mon, 08 Jan 2024 00:59:31 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
21
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
V95kQQo7DOyQKvst4-IRRXivIRtTMNxZdHrAv98gyyFMrdxGs8YjDA==
truncated
/ Frame 908F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a832c8260e96a46ffafd6a06710480191a06d694224528d44366a77e2fa40cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7A55
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date
Mon, 08 Jan 2024 00:59:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame C6C0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Jan 2025 00:59:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C6C0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Jan 2025 00:59:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C6C0 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Jan 2025 00:59:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C6C0 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 02 Jan 2025 00:59:52 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C6C0 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4FcoNJ3gPfgEnCaj6vwb1cS3pMpA6eT-rKJsIaNn6siugGHOFTS3bxPSJzwbKXTO-iXUxd1pVTxspErtqozWXb6k88o4NkByVTWrQZAe_VGbxnHuSsiweDFQZ-Ptzp0yfJUho6s7eaApWWjrBjzD8v0ykpTy-eduslMNeI52bFsn41wYZ_Mh-4fjx0qZzT2PrGDyzmMqkzA4rQ4g31d4NNnSGJDydYfBazELd5X3ngDDj0Pg2sHYls6xwFNReAdlKagmmxcw04TFCXC7HS7XzD616s4WEwy8XJcDbGhg3-i2144A7aVmWG212CZ623sh6257I6qkqZ8T5BzwEXi7Yiu2QwcOefocNnuP_O9J-4L0U4J_2OgOwZ58jiYz0K_xKV5nplm8XjHU_daRTbqQZB1txeWgkcUk6lzhYCz-U7R7IoHb
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3309043
expires
Mon, 26 Jul 1997 05:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 2ED2 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Mon, 08 Jan 2024 00:59:52 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
animejs.js
static.criteo.net/animejs/ Frame C6C0 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Jan 2025 00:59:52 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 4D34 		1 KB
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.241.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-241-212.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
53aaf3175a9c154b8f2e0230b8754717d40ea4a83c13da70300b74d43ef6ad2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 4D34 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Mon, 08 Jan 2024 00:59:33 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
20
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
UGZNnEPu0CgqP7rfqpq9epIH-lPo9rjCJ9PfdW_fdb-87tGuLvK8Pg==
img
imageproxy.eu.criteo.net/img/ Frame C6C0 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=132&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Fde7bb98efd3a445e80511badf471eccc_eu_oveckarna_vertikalni_hneda.png&v=3&w=596&rid=4&s=tjTSKSsIG8TQAGicRvuOPnYH
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9479
expires
Fri, 06 Dec 2024 05:49:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame C6C0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F11129_102.jpg%3F1636111187_2&v=3&w=400&rid=4&s=OwJrqLXLfgkHQjehgtmTQxXg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
3748
expires
Fri, 02 Feb 2024 22:15:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame C6C0 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F11130_102.jpg%3F1636111195_2&v=3&w=400&rid=4&s=FdSpG128PWngHXeApQMO8ziw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
60e9ef6f562510c79d89371184813093860d273ea3042c2e5d64c6130fdfaeb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
4546
expires
Sat, 03 Feb 2024 01:36:24 GMT
img
imageproxy.eu.criteo.net/img/ Frame C6C0 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=400&rid=4&s=Y7TV4IKYmPwHaoQnJZw2a1ST&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
22540
expires
Sat, 03 Feb 2024 04:28:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame C6C0 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F11464_102.jpg%3F1637921167_2&v=3&w=400&rid=4&s=4YgzIkTZyZP-3tuHQ0kqK0xl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b085e3451c5c297d21e6911304fbfc045ec67a38adb9fbf05140c2065d4e8a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15440
expires
Sat, 03 Feb 2024 08:33:32 GMT
all
csm.eu.criteo.net/ Frame C6C0 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=IIferRx65iqJAuwW0gpLSWYHUgNoWV53rWqYwoczJhZXWkLrrmVe1C2efjHf12qP4ggfDIRjARli-eodSbAe2foVCBAq3yVdEKXavqUzaUYhtwJU-oST5J1rJ8pR5GdONrYHpoDzLXTRBm1xbPUKDiSCv6hI4_RZKsXbe-UlC-FE6gwbIWyNnZ4577N81SvW-s4b-QCDWzdOR7dBSk-ulkGl3-z2TOk_QzzX7KbUrRl2WIEoRj_dfIrCFNMXE8j4YkWnmA&sds=2&rev=90025&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Jan 2024 00:59:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C6C0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Jan 2025 00:59:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C6C0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Jan 2025 00:59:52 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 479B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLjD7B0mbZcv2H_v_1PIP6Y6DkAyuxbbndPjAvoqtEfuK9P0IEAEg0syBGmCVqqCCsAegAZDR-McoyAEJqQITD9A53FuyPuACAKgDAcgDCqoErQJP0C0oDPm5fyW-4y_1D89fCOyDIrhWH_qqXk7cANrwgLSQ03sgo5W3UbmFe_ip8CF3icQs4IrKDhQeV_u-fgDvRQVQaT6ocxT1-EEda_oWgb7Ta5V3hLS83bHsSw0W1ruCgJKF0Ltl6exKOqodzvOWUI2n1fg7JB7c5ZQzc1aMo9XGsGYhxdrtMSysixiZt4Lr1IxvtjVyA07ElWl7QE7EHrll-u0hu9yQbKwPB7NohUhAcugsKqZQBcG66OICnvZ_jRdKqST5NQTqhSWbpQOdXpLqhGvagtXfsOs2C-HOjVI1EDeK_ZxkPydmz5XltxjejvQLKBOyB-foufz2rT4ZUIWqqdkTVjGHkDLYycNfGtasWCtAMgu_eY6Q3bEKVrwF0_9QLLHjnyenIdcEwASOl9q4qwTgBAGIBez4-vZIkgUECAQYAZIFBAgFGASgBi6AB5CJyacDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ7_0J0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljeuNq4y8yDA5oJN2h0dHBzOi8vd3d3Lmxpei5zb2x1dGlvbnMvbW9kZXJuZS1hcmJlaXRzemVpdGVyZmFzc3VuZy-ACgPICwHiDRMI5vDauMvMgwMV-z9VCB1pxwDCuBPkA9gTDYgUCdAVAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=HCAzGt4porg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_1p8-iTCZyoFa5R56nsAY90XpUrtbnddu8XYNM9SD2mJgZokRz1xgexWHqa5ulu3Hc4aNXmbzTNB_z7zAzCKEq3uGvDTakkPzuxgB&template_id=484&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7A55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDQyMB0mbZc32H_v_1PIP6Y6DkAy4q_aZdbLCs_qDEWQQASDSzIEaYJWqoIKwB6AB_4St7QPIAQHgAgCoAwHIAwqqBLYCT9Cy115rWABF9s6pUKuHOdHxGJDeA6f3ZheYwAYIvSclQCNE0htlI5xfYkQIj6RpSBl-8Eew51UheQnRsBzPe5EOl-AQckKddr5WX8Gk5-AQzbO1LA1J9DX9oauj7B7KHlezEwBAqe-3ebLba6vwPKqrOB-8RkdP2Y5Ycc7ZvnoGngCWV2RFMHnbncvIbxG6MImfBuNaTEUTZrp_jm4cBOIyKvRLEn5xNEckKNCn3ocxC3AIgvHNgvQbAxf1W56zFW8pzD514OtZCq1doBC2HoK1Z_GDYNqbyBwUi85duhx6TkT1xm1TLqcJ9QGSDvZxvtrv0V9lEEXg3djIJwziIrUHWCR1h1PgrDRqo6ltsNrlFirpHA-XpRMdex2ffZMOJIemqkzZ7bpNz0us02KN52cdNsTIrcAE3P_GwvgC4AQBiAXSjfOvJZIFBAgEGAGSBQQIBRgEgAeS-5odqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ1YkY0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljeuNq4y8yDA5oJGGh0dHBzOi8vd3d3LnBsdXM1MDAuY29tL4AKA8gLAeINEwjo8Nq4y8yDAxX7P1UIHWnHAMLYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=89YLibG9P3M&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_1p8-iTCZyoFa5R56nsAY90XpUrtbnddu8XYNM9SD2mJgZokRz1xgexWHqa5ulu3Hc4aNXmbzTNB_z7zAzCKEq3uGvDTakkPzuxgB&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 6717 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjUeTB0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSjAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2hlnij3Bc407qG_ikRXYA_CTgtOVFVLll4HX9_INrDkCca5qb4QLOAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMDgAoD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=8DtRLD2PGC8&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_1p8-iTCZyoFa5R56nsAY90XpUrtbnddu8XYNM9SD2mJgZokRz1xgexWHqa5ulu3Hc4aNXmbzTNB_z7zAzCKEq3uGvDTakkPzuxgB&cbvp=2&vis=1
Requested by
Host: 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
URL: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6717 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMc1rAL6AZ2DYgICAAAAITkBDAJb7ojm5PwhIJto5RAHSZtlAmchuzbY3FOL1QAAEgAACgpBUVVEQVFFQkFR&wp=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&cbvp=2
Requested by
Host: 1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
URL: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:52 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
150022
server
Kestrel
content-length
0
/
cm.lndata.com/ Frame 1D1A 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 08 Jan 2024 00:59:54 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 1513 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.28.90 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-28-90.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 08 Jan 2024 00:59:53 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 849F 		39 B
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 -, , ASN (),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Mon, 08 Jan 2024 00:59:59 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 1D1A 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.177.171.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-171-42.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 08 Jan 2024 00:59:53 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame 1D1A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
08877dd5d223a866fca13f6c0e069a40cc702fe27d9d2a8fedaaf4a6efe15d83
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 03 Jan 2024 03:38:14 GMT
server
nginx
etag
W/"6594d6a6-142b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Mon, 08 Jan 2024 01:09:53 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 1D1A 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.28.90 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-28-90.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 1D1A
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Mon, 08 Jan 2024 00:59:53 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
google
m.holmesmind.com/ml/ Frame 1D1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEODqvd09V62mP8EfDMvz8Lw&google_cver=1
0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEODqvd09V62mP8EfDMvz8Lw&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
x-guploader-uploadid
ABPtcPrBVwcO2rTEEW4VWJs77CWCz-aTPmBwya31GlzPf-g4botunNm-ZHGFi0DTSoBuNa57nn4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Mon, 08 Jan 2024 01:59:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEODqvd09V62mP8EfDMvz8Lw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 4D34 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2Fxm7nmj&n=282&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=7448-FXtZgi6a3UUQhrUOZCL0zqE6cu2hCkSA&fp_uuid=7448-1ac7541ce4a0ee84d87aa6bce4891d1a&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.241.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-241-212.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0ad98b259e194935a16627dcfc8440f91672818f54fed2797cbc767f00299747

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 4D34 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Mon, 08 Jan 2024 00:59:49 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
5
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
ZyhcJ4hTUX1XuQGb3wZS-cNJ_K_QOlaC3_3OlBHe2uMoDvx3_y1J7g==
publishertag.js
static.criteo.net/js/ld/ Frame 4D34 		130 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7b10e94594afa869ebb2862e1f712af7edcb8ebc667c9c43893bde95dfa29e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 21 Dec 2023 07:50:16 GMT
server
nginx
etag
W/"6583ee38-20656"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 09 Jan 2024 00:59:53 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 4D34 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Mon, 08 Jan 2024 00:59:49 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
5
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
gQDrh1COpmhyEKh2Brw1nShi725H2DfV54ID_1gQ_wl9IDJ2YNI3Pw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 4D34 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Mon, 08 Jan 2024 00:59:49 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
5
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
SlUJcpDLcltNGWi6V0k4L9ckmNd4coaTkquVmPWozs7c3nm3dYOSjQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 4D34 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Mon, 08 Jan 2024 00:59:40 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
14
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
gPL_Or5j9Fb9xrmfSq90wcC3-uUzgSoeq_E_TYL_WlQHHAm56xxIpg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 4D34 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Mon, 08 Jan 2024 00:59:50 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
4
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
tLsE-GylTQkjBxDbYjy1oDWAAKQPi4_SsSBFJuGJ49VL5jhFRIsFOw==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4D34 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/xm7nmj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 08 Jan 2024 00:59:53 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 4D34 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.0030562654951808987
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
bdde166deff306398359be7f27da7e1c08c46ff5c348e642515ad26b5abb93f1

Request headers

Referer
https://reurl.cc/xm7nmj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Mon, 08 Jan 2024 00:59:53 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 4D34
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=nzC5lkHcA3SzwqZDCkmbZQ
2 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=nzC5lkHcA3SzwqZDCkmbZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 08 Jan 2024 00:59:54 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=nzC5lkHcA3SzwqZDCkmbZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 4D34
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vLyn4d6mA8iagMbDCkmbZQ
2 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=vLyn4d6mA8iagMbDCkmbZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 08 Jan 2024 00:59:54 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=vLyn4d6mA8iagMbDCkmbZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
page.php
www.facebook.com/plugins/ Frame 405A 		92 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3fa726416b13a1cae310c0f4ce0a0d61f78f04fdf8b48e8af17f175e6a2d1c58
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:53 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
PGpVoyNEr7R8uR894wI+lCXLTLtkFncV/XiXu3JaExOxW9wC8eYd7ZpMq+oC64qJ63PNka3wVJs6ebktDgoY/g==
x-xss-protection
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
fc6d46c23ccc1b5a8fbcf050c1e8768973e6b7c5fc0c63094634ee4b7e09e7f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1c4c-DC5VsqvxjHlTI6J9lYtuWDs9p2M"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7244
cdb
bidder.criteo.com/ Frame 4D34 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=146&profileId=184&bundle=2ByGBl9tM1NEeENKU3FReHpJMW5HQlZtRTEwMkw1VjdmMUclMkZPNHRoaHI1ZXZidGdLZ1VqaXBjYVdvaGxxNUtuOSUyQk5uZ0VJbjclMkZKOHBOJTJGJTJGanMzJTJGV3pCR3hlUkdXcWE5VnF3U1h6MTFDSG1MbnFhSTdTcWJ4R1BvNGZKTVJiNnN3ZFk3dk16RG5UU1NHVGxCUFRnUE8lMkZDenpaUSUzRCUzRA&cb=85550302220
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/xm7nmj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 08 Jan 2024 00:59:53 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 64FE 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:52 GMT
server
Kestrel
server-processing-duration-in-ticks
947317
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
activeview
pagead2.googlesyndication.com/pcs/ Frame 6717 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlRRfblaxmMJQeT6-bE3UIwMQJGPgvSevyyPEFyYLUBqfLBBWBbMIuEmAkM6pTvb1R4zFKVKklqV1A07KMB16wUV-xtw_IlTtXPKUzXG540agAa_pe&sig=Cg0ArKJSzBmlGtxjnMGcEAE&id=lidar2&mcvt=1005&p=108,650,358,950&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704675591906&rpt=368&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utag.js
t.ssp.hinet.net/ Frame 4D34 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
08877dd5d223a866fca13f6c0e069a40cc702fe27d9d2a8fedaaf4a6efe15d83
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 03 Jan 2024 03:38:14 GMT
server
nginx
etag
W/"6594d6a6-142b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Mon, 08 Jan 2024 01:09:53 GMT
sid
mug.criteo.com/ Frame 64FE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=2ByGBl9tM1NEeENKU3FReHpJMW5HQlZtRTEwMkw1VjdmMUclMkZPNHRoaHI1ZXZidGdLZ1VqaXBjYVdvaG...
  • https://mug.criteo.com/sid?cpp=_tzb8HxML1NXdVgrK2QwSVpSOWkrQ1hZQUlnVDRPYXNZSkswd01kVmI1a3RqNG91TGtGT2xjTnlVNHk1WG02aEltZmlpcGNMTXJxVzdsMWk4c21uZW1HNWd6RVFvaE5xUWVrSkE4aGNsankwMlNnbmhiOTRmOHJmRXFJZF...
435 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_tzb8HxML1NXdVgrK2QwSVpSOWkrQ1hZQUlnVDRPYXNZSkswd01kVmI1a3RqNG91TGtGT2xjTnlVNHk1WG02aEltZmlpcGNMTXJxVzdsMWk4c21uZW1HNWd6RVFvaE5xUWVrSkE4aGNsankwMlNnbmhiOTRmOHJmRXFJZFJrRFVpRFFITHZNNU42c1pDZ2ZaMmNBNkRRTThBcEV6a3pVaUhBTG1qZXJ0eXlmWlM3SDVZbjFBNFJwVTNIMEdmd2RHcTZ5eCtPVmNZcHVyaUtyLzNMd0FibkdiUkxmQjhLeTE5OVF5TXNFdEtxVXNnSVF0cWhEdWMrU3dJR3VDNE9ocVh5VkYvb294YkxNUktLL2xkTStWVkxHUEtsQzlCU01kOGZuT1pZMm5wZHlVSksyWT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
284ea43fffc3c4eb779cbdb6deaa37012a4843481c11dc48eeb95621f27adc6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
634708
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_tzb8HxML1NXdVgrK2QwSVpSOWkrQ1hZQUlnVDRPYXNZSkswd01kVmI1a3RqNG91TGtGT2xjTnlVNHk1WG02aEltZmlpcGNMTXJxVzdsMWk4c21uZW1HNWd6RVFvaE5xUWVrSkE4aGNsankwMlNnbmhiOTRmOHJmRXFJZFJrRFVpRFFITHZNNU42c1pDZ2ZaMmNBNkRRTThBcEV6a3pVaUhBTG1qZXJ0eXlmWlM3SDVZbjFBNFJwVTNIMEdmd2RHcTZ5eCtPVmNZcHVyaUtyLzNMd0FibkdiUkxmQjhLeTE5OVF5TXNFdEtxVXNnSVF0cWhEdWMrU3dJR3VDNE9ocVh5VkYvb294YkxNUktLL2xkTStWVkxHUEtsQzlCU01kOGZuT1pZMm5wZHlVSksyWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
297545
content-length
0
expires
0
all
csm.eu.criteo.net/ Frame C6C0 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=IIferRx65iqJAuwW0gpLSWYHUgNoWV53rWqYwoczJhZXWkLrrmVe1C2efjHf12qP4ggfDIRjARli-eodSbAe2foVCBAq3yVdEKXavqUzaUYhtwJU-oST5J1rJ8pR5GdONrYHpoDzLXTRBm1xbPUKDiSCv6hI4_RZKsXbe-UlC-FE6gwbIWyNnZ4577N81SvW-s4b-QCDWzdOR7dBSk-ulkGl3-z2TOk_QzzX7KbUrRl2WIEoRj_dfIrCFNMXE8j4YkWnmA&sds=2&rev=90025&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZtJBwAH-0wIVT_7AADHaTua0xPG9qkjdNPMsA&u=%7CS19WjitlcKk5dPE%2B4PdWg429Qd3E6AaiLoPiEW5okpo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5N9mBfGRFouMR7VmjLFtAe7S16-nkL5ahVqX08I0StfUWyxQIJcomi2lgEbJzwhpccyLSD-B6evyWKkn0aXu2j8jmZxgFYfEwIoDm0qEOZiWx97tJICMDTrITA35-h2g9zRAyaASZz036dEUi7JShbryEKQKjsmemHLIfLecKGxr4e1btR2nXRcyzrk-LtpgDYEaAozt5RFQrN0Y6VpwAkmwdo5KJSq5j4qBaI1Qx1NuF80BN7ebf1bhXb4gRJCXnAPqKdkU3RA_ZeIZ_9gxnFWdq5J3Js_f1DXaKA_HJf4x6VIC8pfPRNDZt4GTTNhpoFgxCIHjI03D-LOii4JWmVTT9mmKuM8xUV_YAOlelNMj1VuD1zEpW5s3NWhJHXUwAMuVGVDSBKeaCXPPk4K-_vG_inw8R4Td95OpdAmC5jU6Tp-1RU7PQg1f0_kFDc1cMYdQ6DrfSQPVmPiV6ZxfULe3oxkxvOm3q3n9_JhTEE2InfecryTbka_YGW8DuC0-qKCKRtFIfPJ8AkRxYc2EraOU-z2YcAWr0Sy73nq5Pocx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOd57B0mbZcz2H_v_1PIP6Y6DkAzJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAhMP0DncW7I-4AIAqAMByAMCqgSmAk_Q_cfNGN1n5vZTCBejmjF3c1RWxVbCneSo1UlUgk9gCpp72S9OPPBFk5P-Sn8VR2DSUs82xj3wjmMqPWWtiZB6tZ9QWr2GuYB4UhxtmItkB8ZYpF_aOWJxACJKlMZzyXg8H8SZQ-nSXAGAp9LY-Nl0OqfW9qP5FBv9fHPImFfmYZj2yjpUugruHXCrH-krbF2iFW2748ep4_toLs9gbEBxXWRxiIJr2wZ5-vbbC3MQ_f1yJ3tc3KUYyzSaSPCfyYCgNZT1QJkxTrF-JoO936nH5NoSjW3HTU6ZFLbHothx0hMcRNZhg0cWy022aMMuSEwLn9_uT-BgTNZd_2gnnAllhV3k0wdvrZ7bQOZmQCxE4l9ljtyzl-JuxA_6Jd4hYyowxcuyZ-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN642rjLzIMD-gsCCAGADAHiDRMI5_DauMvMgwMV-z9VCB1pxwDC0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y9-yIouxlnro7eihPXk6_y_EnsQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Jan 2024 00:59:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 479B 		42 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcAAYcEBAZyhggFfS6KOBpgpLwo1RSu9oHlJq1NYGHizlhYyk0xVBnnA-VnPmieMc1pwMfUFMH5kbF8zzjFMNPP-blTwziUshkShJoXKg_0EHcVPQxvtzA4zv54LyY12XHAHsgLWpJ_j4arvNI2aLVek3f&sai=AMfl-YRLgQ2LYmovluySCeoncSWCh6dvVv-PmbKkQ4zVbLWdpKQJ-xuD_EIJBWHbxOPXAxfDbTm3lVXIuAmavWkjteSUbLjZ6-t1SaJuF0hKWFu0v0mczOrXsY-ovnDqyj7XDM058w95ubS994elxeRK&sig=Cg0ArKJSzKFxhctgXe13EAE&cid=CAQSTgAvHhf_1p8-iTCZyoFa5R56nsAY90XpUrtbnddu8XYNM9SD2mJgZokRz1xgexWHqa5ulu3Hc4aNXmbzTNB_z7zAzCKEq3uGvDTakkPzuxgB&id=ampim&o=315,498&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=555&tls=1558&g=100&h=100&tt=1558&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7A55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQWLs7cpyaGN-cGlvyCD0kBd5Y3qn9ajcLBqmU-RLYGYS774VR6TTTYYkyQA5tamCU2zHNy65LeCv04jGV6ktUDQ-FiPr2sJ5uPTG2S8T4GSaiaAe6e7xCkuG6G2hWtrHzpl34TcV0gtC9q7ANRPZ1yM26&sai=AMfl-YRNG2rDmD2Y9B8st789R-NquYn-ksVF0SgFlNfWT9r0CJVdfDFYfWeKMk86hmhy-GFXF9-1cg_H1VlKb8VmPRjrBZizQ2Wrgcd9oZMY0Jldter1QAlmSR_Oj-N2dDzekYCRP_qdaxw46Z_ZpXfr&sig=Cg0ArKJSzIfxPq8eCiAnEAE&cid=CAQSTgAvHhf_1p8-iTCZyoFa5R56nsAY90XpUrtbnddu8XYNM9SD2mJgZokRz1xgexWHqa5ulu3Hc4aNXmbzTNB_z7zAzCKEq3uGvDTakkPzuxgB&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=513&tls=1519&g=100&h=100&tt=1519&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ Frame 4D34 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/xm7nmj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 08 Jan 2024 00:59:52 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 4D34 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 02 Jan 2025 00:59:53 GMT
pixel.gif
static.criteo.net/images/ Frame 4D34 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 02 Jan 2025 00:59:53 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 4D34 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2Fxm7nmj&n=282&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=7448-FXtZgi6a3UUQhrUOZCL0zqE6cu2hCkSA&fp_uuid=7448-1ac7541ce4a0ee84d87aa6bce4891d1a&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Mon, 08 Jan 2024 00:59:11 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
43
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
PKoS6x72zEVPt3AeYq8Z8BsmeCV-3jloG3fykte_wf0j4wIv69bZwg==
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 405A 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xXCq6/qryia0kWXvm23HIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5237
reporting-endpoints
x-fb-debug
4RaTwNgbLSYrgVF9vyEQsxt+64Q4EDWoDJT/uSRuCYF6zeIWkZCdPcQwwcZzX8IXVil1B3ypbhK6nBNl+jN0QQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 01 Jan 2025 12:26:44 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 405A 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1ea19a19ec8d6220550ff2184b4c0b90caae3b46865454cc42f803d52d2562e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wItLblWsAEMAkZNj3Qggsw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6438
reporting-endpoints
x-fb-debug
Ngt9ghWLLQRlg/F0Xtimc7AFP/+5yv8DxnnidaMrl40qs5bOJ0UjGNb4yXur8DsPNXTJFikZuJc4EqnxIkBlXQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 24 Dec 2024 21:58:18 GMT
atEdO08Ontm.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ Frame 405A 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/atEdO08Ontm.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d9cc15e91cc9e0c00b43b367a157c107bb21f9b4d1951dd1dd614cd5281b05b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QYVBZwBJk2JlyMrr/hopaw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4758
reporting-endpoints
x-fb-debug
n2iagJCLlkPNk7u8yXikSusa31eHFXyx6A4sb42fI3T217J68SJWXbOrc8oZ3RO1TOc5G60gLLw/zbMoyNKcmw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 06 Jan 2025 20:42:37 GMT
2H4wLdDD9MP.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 405A 		352 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/2H4wLdDD9MP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1fc420734cd9d77c0ea51fca3f80845030474cb8e487f7996c16e33c888ce623
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEfNnUYN7hfwk0PlpEHAFQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93216
reporting-endpoints
x-fb-debug
2mADOrmkdH0x3Dv4P2yQml0NEhsxhHRehulSMLRriUJwdt71BxZttCah6y9+WsDJWlwwSSWa826tNBwWzLoIJw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 04 Jan 2025 16:49:43 GMT
414NUtwuGAO.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 405A 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/414NUtwuGAO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hmfTcKzH8YSfKfUldK7oUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27400
reporting-endpoints
x-fb-debug
YNhbeDlZG5JjkoZR6jiucnw8tWYrAELwV37AYvqxO0nhojzG73OoRlqb38NLLh/APTEIqBJbZXbcPeoV734oDg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 06 Jan 2025 15:17:50 GMT
Cn_OgNtBsi4.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 405A 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/Cn_OgNtBsi4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da9912d4e908e3788e753fe3583a9063c0b65049f82d366fe871f03368f7ce10
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
B9gIP5hWP1n5LlUoNnhxow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2301
reporting-endpoints
x-fb-debug
kCqcnZbj8pBEl9GLgxJ8s28ejtYg0Ibm0S8sBzWfn2SnDVsoMOHmlrA4W6cpSyprLTIxXeuz5hTaWkoXq9KVNQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 03 Jan 2025 17:50:40 GMT
t_SlUrtqj3p.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 405A 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/t_SlUrtqj3p.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bjNrzrx9as9CpDFfF+BSww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16795
reporting-endpoints
x-fb-debug
R4EeGZgfVX/uH4sin2npKEADCF8+QILliJ2Igg2uW6CreJjbElhM9GmZeLzEMPJAsaBMOonuDT380WxKcdXNYA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 24 Dec 2024 08:55:13 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 405A 		507 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
LqO43bVsr9phSdsSKwthUdZQTAsXUXHcmE8bPF+KshHDrsSOC+o1VK1ume80vHalDr5EVrJgetBs8z/txTIlzg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 25 Dec 2024 15:44:02 GMT
ZekatFsbYN0.js
static.xx.fbcdn.net/rsrc.php/v3iLNf4/yQ/l/de_DE/ Frame 405A 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/yQ/l/de_DE/ZekatFsbYN0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
806687ad6807f32f3b19b78f5e2e6e071faa8e5c64a990a7a5230e2d61691ddd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kW9RmhOPGF1Of5aBIClIDA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7900
reporting-endpoints
x-fb-debug
oW8++8xsNmtL4oHHQhwB2DSJx+yaZjcDWVIf00Icnu07fGtfYSUy18nBSc7azwRqsAMR3bl2LVbuPKCfvhyNIA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 02 Jan 2025 20:22:37 GMT
Gnm9vzFr_bN.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y1/l/de_DE/ Frame 405A 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y1/l/de_DE/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87d29ebc03c2c2a2090062efabc2ab6fc5b4407ea5c43763f0a3f717d4b23312
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UvbeZ1sxw5xmNLTmHWgDFA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20156
reporting-endpoints
x-fb-debug
WexsoelFA4/nM4QI6K7e1P0ZtJ4UkoXvQ5Sg4ILK7ZPFRFxdaDcasEtHtXWAku+dQ5EdWjHTmdmzvtAnL8qrzw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 02 Jan 2025 06:10:45 GMT
JeAmRNe-pq2.js
static.xx.fbcdn.net/rsrc.php/v3iz3M4/yh/l/de_DE/ Frame 405A 		341 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iz3M4/yh/l/de_DE/JeAmRNe-pq2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7514beac6dab757a70713d1a3836adec7eec50ceff5fd05bb6b497a9b19c2a7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QiIXd/R/oUGTLg2ngF9A9g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83003
reporting-endpoints
x-fb-debug
K+vFy9971jfeXPsRv0PahZ5oLmaIZm2bp5qVTD2QCxK6Eagiv+giF5vHSOGbhViMQF1ZDWfe/n+YKxueyqWH5w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 04 Jan 2025 16:49:43 GMT
mxGurXttNp4.js
static.xx.fbcdn.net/rsrc.php/v3iUWb4/yV/l/de_DE/ Frame 405A 		405 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUWb4/yV/l/de_DE/mxGurXttNp4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e607e12f4e8f93359d1b30796fdb1da5637c6df1de8fa770f2af6394dae5d858
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
btKlM2VuxHgU6KKC+7kkGg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
97938
reporting-endpoints
x-fb-debug
vXCW284/+H6YHdc7k1bYUu6TCKA0ULx5qqtl07gjWfs1cAvSUGHwZglP/YokSnoPNuiqUXvcF6yGffkThvNUHg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 03 Jan 2025 17:52:09 GMT
mp0MngHmHTt.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yU/l/de_DE/ Frame 405A 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yU/l/de_DE/mp0MngHmHTt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd012b7693a676120164242ce1246f164e9b4b893abc6c7d8400a9c5b90b638e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cZi5UU7dCUUfc7knl/SZtQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17915
reporting-endpoints
x-fb-debug
f9TRc25sN5MIL6jzPLKOHYPtYAhM2RJzob6hd87sUwuwvF11000lYGQrmstq2XidUXF7XCbjE4HWDaMuJj3Q3w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 03 Jan 2025 17:52:09 GMT
RF0fjDAJMsk.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 405A 		210 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/RF0fjDAJMsk.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7ea7543cc6e96ec9891b500171bc117fa6b108fe85172d63ca34414e988b296
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ftRIEQPugEivZ51J7jLzSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61304
reporting-endpoints
x-fb-debug
QrZJPdYdhqY6hkzLkFONjtxj8FNqhOPW/IRhB+xLDGA/cbj22HjQxe41yejeREYHCRA9ZM7BOLQnbHOXyZ+CWA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 05 Jan 2025 16:35:51 GMT
xg5NEKS2wWK.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 405A 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/xg5NEKS2wWK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a75a5c50db4d5628dad52eb05139bf0677fb4d19d6915f18d267806dbdd810ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RD8pDGr4EOhfQQPRrH9Iow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7385
reporting-endpoints
x-fb-debug
EMgW4ROtdtAF/1Jmm8SQFo7r/jMgrXJD2a2P/sFl0TEZr7pwqQ8uuVquViboKjUKDbHiL+eC8YOCASNjw/qujA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 03 Jan 2025 17:35:08 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 405A 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
V29dZNkAzuhZLAfJ4LLJCkNrwm0sIZzkBTGm3D094kYU2eZGelfU+3obqp/qn7RyYkvCHmzFilNS/qOpyB9yRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 27 Dec 2024 19:03:57 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 405A 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=iM960zinevcAX9vazLv&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfBx3jjTrQ5Je_r4wGbuiKKG-U7wV9hVMhzYzT5Wm5UBzQ&oe=65A11285
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBASftUgFcDALhCeffwNyeyEFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 405A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=6ZX6r1DDlVQAX8_6xTW&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfAnZb1Iuj8nc-p_q5L5AadG6IXf8kcB4_61Kt6Nz0z2DQ&oe=659FD215
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBCIwXwYQUI2u/P6TSMrlnR1FfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:55 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
1704624617-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
img.gbyhn.com.tw/2024/01/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2024/01/1704624617-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37389df41d9047cdef076a486ed975ef1fb831750250f48c6368e8325b0d139

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8513
alt-svc
h3=":443"; ma=86400
content-length
95718
last-modified
Sun, 07 Jan 2024 10:50:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHcq2MqTi48aea3PVgmOqfUvAJDO8W7%2BVLFwla7TKMC6CQsTvO8mcMmHdMrZClQ%2FdmbuJluMImejJxom3ayjIgxr48XpyFjrBCmz9UMn0%2FiH9exd1%2FTzJxmvwiQH%2Bkv%2F3B6a3TLzOE4HcVxJJOs4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
84208024d8b6463d-SIN
expires
Sun, 14 Jan 2024 22:05:15 GMT
%E7%AC%AC%E4%B8%80%E9%8A%80%E8%A1%8C%E7%B6%A0%E6%B4%BB%E5%8D%A1-%E8%87%AA%E5%8B%95%E5%8A%A0%E5%80%BC%E9%AB%98%E9%90%B5%E5%8F%B0%E9%90%B5-5%EF%BC%8C%E7%B6%A0%E8%89%B2%E4%BA%A4%E9%80%9A%E6%9C%80%E9%A...
creditcards.com.tw/wp-content/uploads/2023/03/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/03/%E7%AC%AC%E4%B8%80%E9%8A%80%E8%A1%8C%E7%B6%A0%E6%B4%BB%E5%8D%A1-%E8%87%AA%E5%8B%95%E5%8A%A0%E5%80%BC%E9%AB%98%E9%90%B5%E5%8F%B0%E9%90%B5-5%EF%BC%8C%E7%B6%A0%E8%89%B2%E4%BA%A4%E9%80%9A%E6%9C%80%E9%AB%9810-%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6230cd6d0b1c29fe0a19b4154bd067ae878dc4b7a5159577b19bff9a9f45ad7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.hhn _atomic_ams BYPASS
alt-svc
h3=":443"; ma=86400
content-length
79674
x-nc
HIT bur 1
last-modified
Wed, 29 Nov 2023 01:44:35 GMT
server
nginx
etag
"65e487060d708f72"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Fri, 28 Nov 2025 13:44:35 GMT
202401040359064.jpg
img.racingcharger.tw/wp-content/uploads/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/202401040359064.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
e29b5ba5c8cfd099c01bbf70aa73fce15d8549c7ecd571719f4d46c1151adf43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
last-modified
Thu, 04 Jan 2024 03:59:10 GMT
server
Apache
accept-ranges
bytes
content-length
202041
content-type
image/jpeg
Copy_of_Untitled_Design_2.jpg
mma.prnasia.com/media2/2311739/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2311739/Copy_of_Untitled_Design_2.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:efc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4740aa443f515a557aaf2d5eb3a738393acd87d4d3f0b4e0d5dfb672a4c953bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:53 GMT
cf-cache-status
HIT
age
50538
x-powered-by
ASP.NET
server-timing
intid;desc=1863e38da39ebae4
content-length
109161
cf-bgj
h2pri
last-modified
Sun, 07 Jan 2024 10:49:34 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8420801dbc1d1ca9-FRA
access-control-allow-headers
Content-Type
expires
Sun, 07 Jan 2024 10:49:35 GMT
%E3%80%90%E6%97%A5%E6%9C%AC%E7%9C%81%E9%8C%A2%E6%94%BB%E7%95%A5%E3%80%91%E6%97%A5%E6%9C%AC%E6%97%85%E9%81%8A%E5%BF%85%E7%9C%8B%E7%9A%84%E7%BE%8E%E9%A3%9F%E7%9C%81%E9%8C%A2%E7%A7%98%E8%A8%A3%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 		891 KB
892 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/%E3%80%90%E6%97%A5%E6%9C%AC%E7%9C%81%E9%8C%A2%E6%94%BB%E7%95%A5%E3%80%91%E6%97%A5%E6%9C%AC%E6%97%85%E9%81%8A%E5%BF%85%E7%9C%8B%E7%9A%84%E7%BE%8E%E9%A3%9F%E7%9C%81%E9%8C%A2%E7%A7%98%E8%A8%A3%EF%BC%8C%E6%8E%A7%E5%88%B6%E9%A3%B2%E9%A3%9F%E9%A0%90%E7%AE%97%E7%9A%84%E6%96%B9%E5%BC%8F-1140x570.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.81.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.81.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d2a587e19f85806d8281fe0b47e04157c1b16dafef6f872035dddc66dcb661db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Mon, 08 Jan 2024 00:59:53 GMT
expires
Mon, 06 Jan 2025 16:28:07 GMT
last-modified
Sun, 24 Dec 2023 19:17:05 GMT
server
nginx
etag
"658883b1-decfa"
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
912634
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8c00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-mlgdc
date
Fri, 13 Oct 2023 11:19:08 GMT
via
1.1 google, 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
FRA6-C1
age
7479645
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QzsgHPY1lLXowkumXUWcjV5q5O-6BJo7870ZMtA1UIWQMXVBi1785Q==
content-length
253615
wix-tracer
2Whs3ebFGWCmylTflCxOx4hE9el
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
strict-transport-security
max-age=31536000
x-ac
2.hhn _atomic_ams BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
184823
expires
Mon, 15 Jan 2024 00:59:53 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 405A 		573 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:54 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
sFp45A7w6VTM5AOEYDnwyP75qo56+Jt/kF6imh3xjFhBUiAtcAoTEfKIsHLDkG7TEIa/Z9YMUML/vHr5nu5EWA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Jan 2025 05:05:03 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 405A 		94 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F--redacted--%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19730.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010704144&__s=%3A%3Azw0it3&__hsi=7321525923581345721&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y1/l/de_DE/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9d36a7404c88e6076f883969b8e2bdcd51aaea1cdcef8fae21678491ceb2023
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
vJ5nBeMSboEL8XiQ-FtTHe
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Jan 2024 00:59:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
qia6GqozcsLMMUawrPfwf+izKoSne5KZYITxlpPz48evIvov618eBi+uehbwu1yDfgUnwbO5KZ4LX0rK+Tj4Kw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 405A 		955 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y1/l/de_DE/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fbe1195fcfa4164bc6cac9b2a0a18c998b6a250e73a23c4d677d68a4c3ed3884
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
vJ5nBeMSboEL8XiQ-FtTHe
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Jan 2024 00:59:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
lpX+T2gGsjUaNsON/2m9yy7g306VuY+g5dkBM1a8syJDy1LHxeTysx48+ChczwXsxQVKdoxo6LttSBi9pBv8ag==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 405A 		955 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y1/l/de_DE/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b93933d982ee2e682b7cf10170724195f416d1135478316af91e1b4cc46b2d73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
vJ5nBeMSboEL8XiQ-FtTHe
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Jan 2024 00:59:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
o591JVZNuhRPj7WQBrOLrVUkG9izbeeaF7z7U69HfTm4WlNaOBJb6WkCKT4ZUFxYmjasr+lRC9QjOIk7RMcBgg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F3D9 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ab47e489142d1f6f78467ebf7b323e8d5b9ece935e0ee33aefd5ce35827748d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29321
x-xss-protection
0
server
cafe
etag
137 / 19730 / m202401020101 / config-hash: 2026918608723226553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 08 Jan 2024 00:59:54 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 1D1A 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 08 Jan 2024 00:59:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54372
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
o4Hww5MRxaczlhAljIJW4f9dhVOwKFqmoUBNnUKy0vnkPuNVm5TzRP1QllCrEGLIjkA/AMDLShEuHq9woT687w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
t.ssp.hinet.net/ Frame 1D1A 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
483767d7feafba211de4eaac3ca692d76b0a482970b9df5c479f2693bd919cf3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 4D34 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
3903f2f77568dde415d9bfa020000b91509b3463d6db7b109ed0ea459b2385a8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
kCwDvxe1QsQ.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 405A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/kCwDvxe1QsQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/2H4wLdDD9MP.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8PPs50PtkMAX5E1OU2ogzA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3451
reporting-endpoints
x-fb-debug
r9bxk4BMmwTtN6EMzdnkFR1yqyi1zxnaoWf3h82Cl6VN1slB6jeku7pvIwUY8tjmFUSl/KJB4Jga7nQSQY+lWQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 02 Jan 2025 22:29:37 GMT
VMMGrWYM7Te.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 405A 		341 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/VMMGrWYM7Te.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/2H4wLdDD9MP.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0260a942842dfe2e8de7d78be4aecaa450e9ee0be021d76e6ba13d9f5c92b08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WmWr4XDoSnANsz1Uo5Z2tg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75279
reporting-endpoints
x-fb-debug
MVQWNGGrYB4w7mj2tH5l+WYdVQLiaevllHV60SkDe/Zm8C6B6jFFkhSOWnekaa52hm6IGM9UYRN2qJpafsMz0Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 25 Dec 2024 12:17:54 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 405A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:54 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
vb1K2sMCp0PH0Agq5TLXtRnGPo2Zi4yrzBmC9+LOnmkVNuz+H9pdsq50nW7UuFOw1mlyOYKY+Vg8p8yuVb598g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 07 Jan 2025 00:40:18 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 405A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:54 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
nLF/dic7rVZ6dkvfe1cqv4celORCRkZrEB778Ue3LR3C6FuiuAsVDJV9vj6/Cw5HR6Xd46sd2NNKgwcQGafqDA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 25 Dec 2024 01:00:53 GMT
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 405A 		213 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/2H4wLdDD9MP.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 08 Jan 2024 00:59:54 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
roBUgLZ2KTmTn9tAATe9oVgjcWvYDIj0xgQN5A2S2/UhgZ2PNmucA7nfrZoysIw1memBGkvBlomka90PUiSL4g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 28 Dec 2024 12:42:22 GMT
/
www.facebook.com/login/ Frame 405A 		0
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ Frame F3D9 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 19:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
18953
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 06 Jan 2025 19:44:01 GMT
/
www.facebook.com/login/ Frame 405A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/2H4wLdDD9MP.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Jan 2024 00:59:54 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
CVuKbGv1ht+gvcctBMhSpkbmiLp9YWTmQqOTyInhgyHRoTmNBuxh0/Y7jUli/e1SG+X9V4eVTuns/bKsLuhjoA==
x-frame-options
DENY
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F3D9 		55 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3002432070623772&correlator=4119023738304599&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D3fbef46dfef71fc0%3AT%3D1704675591%3ART%3D1704675591%3AS%3DALNI_MZA1IY7HP2SunQ3yD2h-_ldqUvIUA&gpic=UID%3D00000d3c399b7f01%3AT%3D1704675591%3ART%3D1704675591%3AS%3DALNI_MY9nDhBU0hOdwYMYETYBDt2k4lmKg&abxe=1&dt=1704675594458&lmt=1704675594&adxs=1030&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=s87xr6b6vdmd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2Fxm7nmj&ref=https%3A%2F%2Freurl.cc%2Fxm7nmj&top=https%3A%2F%2Freurl.cc%2Fxm7nmj&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=2071837822.1704675591&ga_sid=1704675594&ga_hid=1922416514&ga_fc=true&dlt=1704675594176&idt=248&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2ed33a9509ef64f7441ee7b89833407e8e9a84aea81778929388f4023a9f664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13688
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F3D9 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f261f90c20c8016ddfff81b3bc7d78ca0a920d18a538cfd20d9908e5be9c1b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12341
x-xss-protection
0
container.html
a8d2c0901941af5f97d782c8302a05fc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 80AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8d2c0901941af5f97d782c8302a05fc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:54 GMT
expires
Tue, 07 Jan 2025 00:59:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
d1QGUIEOFY_.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 405A 		0
0
truncated
/ Frame 405A 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
uwgVV4_bDB1.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 405A 		0
0
2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 405A 		0
0
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 405A 		0
0
emome2
t.ssp.hinet.net/ Frame 1D1A 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=680ec374-4b0c-4248-a119-71fc165573ee
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 4D34 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=4a8dd590-354a-4afc-861a-b61d23352dfe
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
bz
www.facebook.com/ajax/ Frame 405A 		0
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F3D9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 00:59:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8BCE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 19:56:29 GMT
expires
Mon, 06 Jan 2025 19:56:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4A75 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
30522a6475246e16c4eb1e032144c5ca5858100046fa29a27b33e459f3810415
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TFCVIDX9GeNZL9qelZO4Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TFCVIDX9GeNZL9qelZO4Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:54 GMT
expires
Mon, 08 Jan 2024 00:59:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8BCE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 19:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
18205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 19:56:29 GMT
cm
t.ssp.hinet.net/ Frame 1D1A 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=680ec374-4b0c-4248-a119-71fc165573ee
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
680ec374-4b0c-4248-a119-71fc165573ee.t.ssp.hinet.net/ Frame 1D1A 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://680ec374-4b0c-4248-a119-71fc165573ee.t.ssp.hinet.net/pixel?bd=680ec374-4b0c-4248-a119-71fc165573ee&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:56 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 4A75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=3002432070623772&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032312191621000/ Frame 84CB 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032312191621000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dbf443c55d4520ece6850161bb3b065eca09965825f3dd3b500273960adfdc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jan 2024 19:36:53 GMT
age
278581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56103
x-xss-protection
0
server
sffe
etag
"532c90e2d4c5e62f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Jan 2025 19:36:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032312191621000/v0/ Frame 84CB 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032312191621000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jan 2024 19:22:44 GMT
age
279430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"1615cf8c9658662f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Jan 2025 19:22:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032312191621000/v0/ Frame 84CB 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032312191621000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 01 Jan 2024 21:42:38 GMT
age
530236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29030
x-xss-protection
0
server
sffe
etag
"4993b3249a87fa76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Dec 2024 21:42:38 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032312191621000/v0/ Frame 84CB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032312191621000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jan 2024 19:22:44 GMT
age
279430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1930
x-xss-protection
0
server
sffe
etag
"09131eec19261354"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Jan 2025 19:22:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032312191621000/v0/ Frame 84CB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032312191621000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jan 2024 19:19:42 GMT
age
279612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"b1091b2fa725aeb2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Jan 2025 19:19:42 GMT
css
fonts.googleapis.com/ Frame 84CB 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Jan 2024 00:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 00:37:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Jan 2024 00:59:54 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 84CB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:14:23 GMT
x-content-type-options
nosniff
server
cafe
age
27931
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Mon, 08 Jan 2024 17:14:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 84CB 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 19:01:23 GMT
x-content-type-options
nosniff
server
cafe
age
21511
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 08 Jan 2024 19:01:23 GMT
l
www.google.com/ads/measurement/ Frame 84CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZ3baLg1kdc8QpkisioGfDq9DenMFNZm6Viqv1PzVEKaxJIALs_N-UjJps82GRdjfme1hIygYhdMvoCtK-a1adRUKBeA
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/17435473049612263276/ Frame 84CB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17435473049612263276/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
319213d8ce98436502101dc340c62ed3047c4d3b53db0c4fcbc6670a8a457e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Mon, 08 Jan 2024 00:59:54 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15563
x-xss-protection
0
last-modified
Fri, 05 May 2023 14:53:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 Jan 2025 00:59:54 GMT
7555237140520559535
tpc.googlesyndication.com/simgad/ Frame 84CB 		974 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7555237140520559535?w=100&h=100&tw=1&q=75
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
689b906e6cda19dd2560b87f5545a7375e4a36b30bade2c31fc8d78f9fbf8b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 06 Jan 2025 19:58:27 GMT
date
Sun, 07 Jan 2024 19:58:27 GMT
x-content-type-options
nosniff
age
18087
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Tue, 24 May 2022 15:28:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 84CB 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb1c52c7266f930640b42c13b2b8481130cc10518f433f34fb2f461b9eb10405

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 84CB 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options
nosniff
age
507519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 04:01:15 GMT
generate_204
tpc.googlesyndication.com/ Frame 8BCE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Dv0C-A
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 84CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClZHhCkmbZa6hH-DS1PIP2OCauATqlrz_c47OsPKqEZCDhZ4LEAEg0syBGmCVqqCCsAegAav43-0CyAEBqQITD9A53FuyPuACAKgDAcgDCqoEuQJP0LqYWJMCOv-rZRTufQ0vVngmukh0CTF_BrCs2H1SzhJXeLcX_xxjO1sqXPgcFDgjVDh8uq_9cSNamBvY9xSWEzHuTVhxdsCicCouU27NQ5Qx_r2-gyK4o4VrnXcItK02xIysoe4Gj-TdB9rK1bgbleQWd0ObzG3zgbM4dBdBok2IcUX9a_1KaqXYTdgSeQDAz4FMHiEo_2lClwqf66hFWW4pjXekdNYf3BIYPt49DV3SfLoBKkhTbk9PN0r-I6gX_nrGDBmlToxJw3zIuduQ-cOkkW7TDdKG1Zl-lRJSfOtq0NAa-DR_wZgh92HHNnD4cdXAc7SFflLwKLsso23M2ugjuSEq357gdVnZQK4y9lTPLaZ_bBydA5aegEiVnO_QCueW2cEFYFy2zrcI094iuaH_gLLn-JOLwASq-5vLqATgBAGIBe7L4OlKkgUECAQYAZIFBAgFGASAB72HoJIBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ2v0J0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljxupG6y8yDA5oJtQFodHRwczovL3d3dy5zdGFja2l0LmRlL2RlL3Byb2R1a3Qvc3RhY2tpdC1jbG91ZC1mb3VuZHJ5Lz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPVtERV1HRE4tUHJvZHVjdC1MZWFkcyZ1dG1fY29udGVudD1DbG91ZC1Gb3VuZHJ5LUtleXdvcmRzJnV0bV90ZXJtPXJldXJsLmNjgAoDyAsBogwIKgYKBLu7sQLiDRMIv-CRusvMgwMVYClVCB1YsAZH2BMNiBQF0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=en53yQsDE0E&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_goy0szoxLCdklc9JWrXUAqAGQaAqt4T-8IpWabhChttPspzXXARENYfPggriSge7_iPIBj7_GAE&template_id=5007&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F3D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=3002432070623772&bg=!np2lndLNAAY3kmNgF5I7ADQBe5WfONg5gVaByQmbPiXxqquiQg10y1jk_WTEioIZMrqDHCr5UmWYb3b13akRg2nriQyjAgAAALVSAAAAA2gBB5kC3QXKkLkGfl6wTXE4pErvdwZpM0OFmpVRVdjHNbisPLTgktRfAs-ZQeaVJTI9CNV_TbS4e_nPkE54ppyl7S9XMaO2feq7KoNpqqGJO04RJupZOrEOtE0ufxo3mva0H95xLeGTHHcGkxh0OrnbvbcW9LLnV8CQKjZ0hpBPRaSfjhuhMjhAr25Of6vkjD1F6rXoWnySacgAoEOCnuP7486iskZLnMCXrrtMgdVjm7uyQpfg8mhJu0d6fPDSHfopW-w7HfHYqpU_v4BkRI8i_R78gtu_GADvmiTjulpESpjTawBPaipXZjvhj3pb4Yc_s2oE9CA3pdDsySQ4umiuOtUBq8OQ398kmNOYEA1FiKo-Ap1B4DwGLY9YhQznYRuN_2WEo4KD6VIiA8rZGWNLl_gNNVeKzpRcb-GSwuDU-KTGsNc6sv_Lk2fvu2DXePvPTA-ptTf1_-La7TkSXdWd3oE2wIx0gUIHN9st6-T2cDwgJzyq_HPTO_hM1u_NC0AQfy1tQZfD-INgpvAwq3G9u89yauOikPHJbnykT1OekHnfZ1u0a_BrPZoyfDyH8OhZ-7GagsaPzmDGF558pHg5NNeUtzc9pPO9KQH01U-xLSnh9Urg8JHVktMPgtfegZb64_L8nlD880W3NUwutbxb0F9TWioxQ49701IMyegZxQW-T7E88D4CBj7QRzi17eq8n4PA9XDR7oEPv8KHXL2VdMPwOu-9yAI_hdgEsMFBkHN9WHitrXuvrWbPeNIAw1pkaJXpsHx8JiHVxuqKdwgxiA6X7ahPAwW81TjMxCj5DIObFAWo4k0mxsetv8WrqmV_RdzOL9EoH1Sm--umMMcMNXM9nL_xUbsG0b4pChy_kjdcX5g1ec4DAAoU4IBZqcfILSBaEgYJbynKYEyAxFFRKBc0uftivd7rH8LOjrc9QQDSKQBl3M6VHjIQWx9hDoWN1wB7jjKg1U3WRxOL6CBdLrs
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 84CB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXIQmbUJAtHi-W2w0JNbHHVgzCV3KpOBNRzw_AZCtYE5F2kklsXUqsR-cD2KEYhdPEN76hpH--EvAZ4vnh8CCX71wplfNjuF9KII7I3u6AzT4wbzEpYbeIvx7sZY74woiWP6tWVH4GgxEILAMwTxD6says&sai=AMfl-YQVLVf1uATQIahPMfudVdF88tDNBI7AAGvaafFD0PMLV-WzsbLjQknfbVGlGovEKqxalfy-oXA3F4wLntPyDFRDf02WhHMpNHljhTp7bR_305lICo9GUz-mR5A&sig=Cg0ArKJSzHicJo1ZvgIrEAE&cid=CAQSOwAvHhf_goy0szoxLCdklc9JWrXUAqAGQaAqt4T-8IpWabhChttPspzXXARENYfPggriSge7_iPIBj7_GAE&id=ampim&o=1030,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=212&tls=1213&g=100&h=100&tt=1213&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/xm7nmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je4130v897965293&_p=1704675591010&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2071837822.1704675591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704675591&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fxm7nmj&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=3&tfd=7316
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/xm7nmj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 00:59:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 908F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQUx0_ImrnRxtC0k7ETrzDQvmTN2uMedPGgLNtNiLJWMtRKOGnxxllX8aOV1RV9eNuvZQIJISKb-aMySgF7OD-xxS_J5yjftG55zuYH2df0YaaJrivp3wK3HHeKKwXh4Ky-d7nRp8AQ2Bz8G0r4WbilgoxvIFSEQ8wHbp1SDlr3wAlMIO0HUgr4EKVv6czsNJwsSWonFcP3QdZkQxt1vBppAYmvUAwBBkySvUfq2W0zeTkCtt8eo7s1pRLCf6RQMKDXefwesI6bDpDHUxXvnkUZDz4Qg5tBjs0gzRtCe_XBiccj2IE2oFkCjQpnuYbsXrzsyVJWzSYaFTz7tJa4x2XWN8l_4QpB5gGzdzJ8LvDi7mWSO89EouPKWuiGcfmqS3AqoniMLpjhIQWOQ&sai=AMfl-YRZqaYq-nYCw4lndR2T2SdmuJQxtlcFljJFw1NFjtJJThMLZObiRZPnPH4QqsOB99MpRnw9Qe6I09ifLeLPifHrqusWj00dM8bHVbOAURFBzUdD1sYZrElJSbqMEWmbwFBK_UuQ7ZcIEi9SisRbgMM&sig=Cg0ArKJSzBzoUEUKCiypEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 08 Jan 2024 00:59:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40f3cefe947754e13ade52dfebb4c6b27c29ff3941f263f8cca391e7a2703b4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12226
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js?cb=31080221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 00:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 00:59:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 065B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 19:56:29 GMT
expires
Mon, 06 Jan 2025 19:56:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C96A 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3782c65dd815c3dc4055a95f166c3ae54e785c23773a2dcef1486200b894e726
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8M_-Sqj_j07NQeGmfYvEjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/xm7nmj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8M_-Sqj_j07NQeGmfYvEjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 00:59:59 GMT
expires
Mon, 08 Jan 2024 00:59:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 065B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 19:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
18210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 19:56:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C96A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=81169713719398&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 065B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Pq5xLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 01:00:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 908F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBcrd7o1wSrlpqKmUHBBgrGUpNQ7YUyXMuVcPVEYof0xtkgU9oVUUI3KXmkfAEiXX_KVxrrgIODwlkvbGsIcJmvD-Z-Kgp8NouKn3OBLFxuKv-eT5uijt9A3OBsd1Aim2GKUzLHjP3XYPcsDXgnzmGAw&sig=Cg0ArKJSzHoOZyjJcBdREAE&id=lidar2&mcvt=1000&p=108,1030,362,1330&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240103&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704675591927&rpt=7393&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xm7nmj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 01:00:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/d1QGUIEOFY_.css?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/uwgVV4_bDB1.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19730.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7321525923581345721&__req=4&__rev=1010704144&__s=%3A%3Azw0it3&__sp=1&__user=0&dpr=1&jazoest=21854&lsd=vJ5nBeMSboEL8XiQ-FtTHe

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture function| gtag object| dataLayer object| googletag function| custom_call_MFS object| _ONEAD object| ONEAD_pubs string| labelToken string| category string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady undefined| google_measure_js_timing number| google_unique_id object| _33across object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_146 object| Criteo object| Criteo_identitytag_146 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| ONEAD_lib_hasBindEventListener function| custom_call_MIR function| Vue object| renews function| getRenewsFeeds

27 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _gid
Value: GA1.2.1376516903.1704675591
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.2071837822.1704675591
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: e5c83a4f-7401-4fd9-b9ff-2fffd42cdfc1
.reurl.cc/ Name: __gads
Value: ID=3fbef46dfef71fc0:T=1704675591:RT=1704675591:S=ALNI_MZA1IY7HP2SunQ3yD2h-_ldqUvIUA
.reurl.cc/ Name: __gpi
Value: UID=00000d3c399b7f01:T=1704675591:RT=1704675591:S=ALNI_MY9nDhBU0hOdwYMYETYBDt2k4lmKg
.openx.net/ Name: i
Value: e12d32c1-9d78-4e4b-a702-ddec8dde9526|1704675591
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1704675591.1.0.1704675591.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUn-fWIEQtWxR1_oDcpAfMFLy2xRtAThNsnC3VxJsUq4IYuX4GTfZxPU4KOKzxw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.reurl.cc/ Name: CFFPCKUUID
Value: 9885-nXXQCf0hrPCXVzflwRZ244RMWNe9iL09
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 7448-FXtZgi6a3UUQhrUOZCL0zqE6cu2hCkSA
.reurl.cc/ Name: FPUUID
Value: 7448-1ac7541ce4a0ee84d87aa6bce4891d1a
.reurl.cc/ Name: cto_bundle
Value: 20f_Ml9tM1NEeENKU3FReHpJMW5HQlZtRTElMkZBZ2RNZTR4c1pDUjZjS2x4ODdKJTJGYlEwVkJ1SVk0YTFWJTJGbTVlblpFQ0FCcFNGRk4lMkJoOHdZUzZMTTNQQUZQTnJtRTMzOU5TQXpraFRNVW0xNnJheCUyQjllUGpSWGcwOVFxVTB1M1Y5VjJoczc3dnh0N2R5QjVUUk9HZjY4M1V0dlFRJTNEJTNE
.holmesmind.com/ Name: P
Value: 447025-riBRY0MSPreUqxcxWI6EqBnDA6plXfLP
.holmesmind.com/ Name: Vision
Value: 20240108-23:59,20240108-11,20240108-11,20240108-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.prnasia.com/ Name: __cf_bm
Value: zYMj5195iGnonS.DTFH3tSikMdFKmMG0AJiv.2GXz7w-1704675593-1-Ac0GD6wcVyv/3kI7PDyahySDoTNIUIrj72wI5ua6IwYvihqmOfGohNWxIZjqQJW5Hw1yLpS27IsF80s1C6G+oB8=
.holmesmind.com/ Name: fcm
Value: 1
.lndata.com/ Name: admckid
Value: 2401080859531203147
.hinet.net/ Name: uuid
Value: 4a8dd590-354a-4afc-861a-b61d23352dfe
.reurl.cc/ Name: __htid
Value: 4a8dd590-354a-4afc-861a-b61d23352dfe
.reurl.cc/ Name: _ht_em
Value: 1
.c.appier.net/ Name: _auid
Value: nzC5lkHcA3SzwqZDCkmbZQ

4 Console Messages

Source Level URL
Text
other warning URL: https://1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1299f30642d7b2272c1adc45c0872746.safeframe.googlesyndication.com
680ec374-4b0c-4248-a119-71fc165573ee.t.ssp.hinet.net
a8d2c0901941af5f97d782c8302a05fc.safeframe.googlesyndication.com
ad-specs.guoshipartners.com
ad.holmesmind.com
ad2.apx.appier.net
ads.eu.criteo.com
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
connect.facebook.net
creditcards.com.tw
csm.eu.criteo.net
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
imageproxy.eu.criteo.net
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
m.holmesmind.com
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
re-news.tw
region1.analytics.google.com
reurl.cc
rtb.nl3.eu.criteo.com
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.rayskyinvest.com
static.xx.fbcdn.net
www.facebook.com
103.132.192.30
104.18.35.167
116.50.36.71
142.250.184.194
172.105.221.29
178.250.1.6
18.177.171.42
192.0.78.187
192.0.78.25
2001:4860:4802:32::36
203.66.35.99
203.75.214.136
210.59.219.34
2600:9000:2057:8c00:1e:5c56:d400:93a1
2600:9000:2250:3a00:0:e06c:e940:93a1
2606:4700::6810:5614
2606:4700::6811:efc2
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c04::9b
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
34.102.146.192
34.120.107.143
34.149.98.30
34.160.81.203
34.95.67.231
34.96.70.87
35.185.130.121
35.185.136.122
35.190.36.98
35.201.76.93
35.227.249.156
35.244.159.8
35.244.196.223
52.195.28.90
54.64.241.212
54.78.109.25
61.216.47.122
65.9.66.97
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08877dd5d223a866fca13f6c0e069a40cc702fe27d9d2a8fedaaf4a6efe15d83
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ad98b259e194935a16627dcfc8440f91672818f54fed2797cbc767f00299747
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
18aa600d58f6f0deccf99a07d38ed8b2a769534a7cdfb64034ad9ddc21ab3946
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1fc420734cd9d77c0ea51fca3f80845030474cb8e487f7996c16e33c888ce623
216d243d50d12dd0b4f3a5dd759511e5bf113a9996a1fe8fb83273aa6b3c8b59
25289bcfb720b8796e4c231b84d39cb9d58260cfac73cdedf199c2cf7cbcc8d5
264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840
284ea43fffc3c4eb779cbdb6deaa37012a4843481c11dc48eeb95621f27adc6f
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
2d9cc15e91cc9e0c00b43b367a157c107bb21f9b4d1951dd1dd614cd5281b05b
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
30522a6475246e16c4eb1e032144c5ca5858100046fa29a27b33e459f3810415
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319213d8ce98436502101dc340c62ed3047c4d3b53db0c4fcbc6670a8a457e27
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c
3782c65dd815c3dc4055a95f166c3ae54e785c23773a2dcef1486200b894e726
3903f2f77568dde415d9bfa020000b91509b3463d6db7b109ed0ea459b2385a8
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3c5ae3fe83f4faf2b19e61636508288d1c0e9ea8139739cde1d1a7a24d5c516b
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3fa726416b13a1cae310c0f4ce0a0d61f78f04fdf8b48e8af17f175e6a2d1c58
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
40f3cefe947754e13ade52dfebb4c6b27c29ff3941f263f8cca391e7a2703b4e
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4740aa443f515a557aaf2d5eb3a738393acd87d4d3f0b4e0d5dfb672a4c953bd
481ae4bd77708e55c79012e6d70d9d1b63e1dc4bad828e936158c9ce841de9df
483767d7feafba211de4eaac3ca692d76b0a482970b9df5c479f2693bd919cf3
4d0fee1349b0d0d7b6394a9a6e82fad7824bded94423ac66d143059dce83ca42
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53aaf3175a9c154b8f2e0230b8754717d40ea4a83c13da70300b74d43ef6ad2e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5ac28fcad95e83b09be2c4ebdce00606ad75b6583f19b6fa33be830ca0a03d29
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60e9ef6f562510c79d89371184813093860d273ea3042c2e5d64c6130fdfaeb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dbf443c55d4520ece6850161bb3b065eca09965825f3dd3b500273960adfdc
6230cd6d0b1c29fe0a19b4154bd067ae878dc4b7a5159577b19bff9a9f45ad7d
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
689b906e6cda19dd2560b87f5545a7375e4a36b30bade2c31fc8d78f9fbf8b9e
69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7514beac6dab757a70713d1a3836adec7eec50ceff5fd05bb6b497a9b19c2a7d
7b10e94594afa869ebb2862e1f712af7edcb8ebc667c9c43893bde95dfa29e52
806687ad6807f32f3b19b78f5e2e6e071faa8e5c64a990a7a5230e2d61691ddd
80cf89ef55bcd0bb8f2774c1047251f30edf7a6be6289904a65417c39e5b7db6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
87d29ebc03c2c2a2090062efabc2ab6fc5b4407ea5c43763f0a3f717d4b23312
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8
9ab47e489142d1f6f78467ebf7b323e8d5b9ece935e0ee33aefd5ce35827748d
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f261f90c20c8016ddfff81b3bc7d78ca0a920d18a538cfd20d9908e5be9c1b2
9f31d63a7a5020a3bd60efc643ea14564a58a9b23a2640375858f535c67a0db5
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a17a5f5ddc3bed1d2ad069d4b85215268db3cc7e5da15b7df02575791dc9b3a7
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a75a5c50db4d5628dad52eb05139bf0677fb4d19d6915f18d267806dbdd810ea
a7ea7543cc6e96ec9891b500171bc117fa6b108fe85172d63ca34414e988b296
a832c8260e96a46ffafd6a06710480191a06d694224528d44366a77e2fa40cf7
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b085e3451c5c297d21e6911304fbfc045ec67a38adb9fbf05140c2065d4e8a06
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37fae3522c0c7b93a2dd89992c4874599e5450f3c86f46999cd8f9b93ab1f0f
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe
b93933d982ee2e682b7cf10170724195f416d1135478316af91e1b4cc46b2d73
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
bb1c52c7266f930640b42c13b2b8481130cc10518f433f34fb2f461b9eb10405
bdde166deff306398359be7f27da7e1c08c46ff5c348e642515ad26b5abb93f1
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c2ed33a9509ef64f7441ee7b89833407e8e9a84aea81778929388f4023a9f664
c36a45d686bd609a7bd0240140021ad73effe66c9d62b711a3cebe4641a66309
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c9d36a7404c88e6076f883969b8e2bdcd51aaea1cdcef8fae21678491ceb2023
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d0260a942842dfe2e8de7d78be4aecaa450e9ee0be021d76e6ba13d9f5c92b08
d1ea19a19ec8d6220550ff2184b4c0b90caae3b46865454cc42f803d52d2562e
d2a587e19f85806d8281fe0b47e04157c1b16dafef6f872035dddc66dcb661db
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
da9912d4e908e3788e753fe3583a9063c0b65049f82d366fe871f03368f7ce10
dd012b7693a676120164242ce1246f164e9b4b893abc6c7d8400a9c5b90b638e
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e29b5ba5c8cfd099c01bbf70aa73fce15d8549c7ecd571719f4d46c1151adf43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e607e12f4e8f93359d1b30796fdb1da5637c6df1de8fa770f2af6394dae5d858
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32b89ca171d5599478d9b1b297caa391f5fd655ec6c0ea512304a584f17070c
f37389df41d9047cdef076a486ed975ef1fb831750250f48c6368e8325b0d139
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fbe1195fcfa4164bc6cac9b2a0a18c998b6a250e73a23c4d677d68a4c3ed3884
fc6d46c23ccc1b5a8fbcf050c1e8768973e6b7c5fc0c63094634ee4b7e09e7f3
fd8cd01ccf932584b849e4f349b58841f1d2414be0b913d7147cb415df1d2255
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322