reurl.cc Open in urlscan Pro
35.194.141.193 Public Scan

URL:
https://reurl.cc/dVk4GD
Submission: On June 04 via api (June 4th 2021, 9:26:40 am UTC) from IL

Summary HTTP 193 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 30 domains to perform 193 HTTP transactions. The main IP is 35.194.141.193, located in New Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc.
TLS certificate: Issued by R3 on May 12th 2021. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	35.194.141.193 35.194.141.193	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
4	35.190.35.45 35.190.35.45	15169 (GOOGLE) (GOOGLE)
11	52.222.149.125 52.222.149.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
42	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1 3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	212.82.100.146 212.82.100.146	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 5	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	54.178.71.123 54.178.71.123	16509 (AMAZON-02) (AMAZON-02)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2 7	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 2	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.193.131.224 18.193.131.224	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	213.155.156.169 213.155.156.169	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	3.121.70.57 3.121.70.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1 2	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
193	45

5 35.194.141.193 (New Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 193.141.194.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.35.45 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 45.35.190.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.149.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-125.cdg52.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Falls Church, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.82.100.146 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.96.200.41 (United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.178.71.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

external-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.180 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.130 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.59.219.175 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.35.65 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.131.224 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.70.57 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	facebook.com www.facebook.com	834 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	358 KB
19	scupio.com img.scupio.com prebid.scupio.com bw.scupio.com rec.scupio.com	225 KB
15	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	54 KB
12	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	6 KB
9	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	22 KB
9	fbcdn.net scontent-frt3-1.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net static.xx.fbcdn.net external-frt3-2.xx.fbcdn.net	232 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	112 KB
8	aralego.com 3 redirects agent.aralego.com ads.aralego.com hb.aralego.com sync.aralego.com	3 KB
7	google.com 2 redirects www.google.com adservice.google.com	2 KB
6	yahoo.com ads.yap.yahoo.com geo.yahoo.com	2 KB
5	reurl.cc reurl.cc	6 KB
4	criteo.net static.criteo.net	107 KB
4	googletagservices.com www.googletagservices.com	129 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	68 KB
4	sitemaji.com ad.sitemaji.com	22 KB
3	holmesmind.com 1 redirects ad.holmesmind.com c.holmesmind.com	983 B
3	yimg.com s.yimg.com	83 KB
3	google.de www.google.de adservice.google.de	1 KB
2	3lift.com 2 redirects eb2.3lift.com	946 B
2	de17a.com 2 redirects d5p.de17a.com	722 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	creativecdn.com prebid-asia.creativecdn.com	352 B
2	aralego.net cdn.aralego.net	40 KB
2	facebook.net connect.facebook.net	35 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	jsdelivr.net cdn.jsdelivr.net	54 KB
1	2mdn.net s0.2mdn.net	396 B
1	sitescout.com pixel-sync.sitescout.com	191 B
0	netmng.com Failed google2waycm.netmng.com Failed
193	30

	Domain	Requested by
42	www.facebook.com	reurl.cc www.facebook.com img.scupio.com
15	pagead2.googlesyndication.com	img.scupio.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
11	img.scupio.com	reurl.cc img.scupio.com
7	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	gum.criteo.com	2 redirects static.criteo.net
5	external-frt3-2.xx.fbcdn.net	reurl.cc
5	www.google.com	2 redirects reurl.cc tpc.googlesyndication.com
5	reurl.cc	reurl.cc
4	fonts.gstatic.com	fonts.googleapis.com
4	sync.aralego.com	2 redirects img.scupio.com
4	eus.rubiconproject.com	reurl.cc eus.rubiconproject.com
4	rec.scupio.com	img.scupio.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	static.criteo.net	img.scupio.com static.criteo.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	mug.criteo.com
4	ad.sitemaji.com	reurl.cc ad.sitemaji.com
3	geo.yahoo.com	reurl.cc s.yimg.com
3	ads.yap.yahoo.com	s.yimg.com
3	s.yimg.com	ad.sitemaji.com
2	c.holmesmind.com	1 redirects
2	eb2.3lift.com	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	token.rubiconproject.com	eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	bw.scupio.com	ajax.googleapis.com
2	bidder.criteo.com	img.scupio.com
2	prebid.scupio.com	img.scupio.com
2	hb.aralego.com	img.scupio.com
2	prebid-asia.creativecdn.com	img.scupio.com
2	ajax.googleapis.com	img.scupio.com
2	scontent-frx5-1.xx.fbcdn.net	www.facebook.com reurl.cc
2	cdn.aralego.net	reurl.cc agent.aralego.com
2	connect.facebook.net	reurl.cc connect.facebook.net
2	www.google-analytics.com	reurl.cc www.google-analytics.com
2	cdn.jsdelivr.net	reurl.cc
1	s0.2mdn.net	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	ad.holmesmind.com	img.scupio.com
1	static.xx.fbcdn.net	www.facebook.com
1	ads.aralego.com	agent.aralego.com
1	www.google.de	reurl.cc
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	agent.aralego.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
0	google2waycm.netmng.com Failed	googleads.g.doubleclick.net
193	53

This site contains links to these domains. Also see Links.

Domain
youtils.cc
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2021-05-12` - `2021-08-10`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
feebee.com.tw R3	`2021-04-03` - `2021-07-02`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-03` - `2021-06-23`	2 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.gw.flurry.com DigiCert SHA2 High Assurance Server CA	`2021-02-02` - `2021-07-27`	6 months	crt.sh
analytics.query.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-08` - `2021-09-01`	6 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://reurl.cc/dVk4GD
Frame ID: F0A98A850024E0517AE0130FB7D1686F
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: BB21142B2C7ECB4F049FE8133EA2F0FE
Requests: 50 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.56
Frame ID: AA4E48ED7AEC40D9C2FC620B14604DFC
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.56
Frame ID: EAFCB606F6165FAF39AA7ACAA89C5C14
Requests: 14 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: D4EF91F2C78286D8BEC901027747FAFE
Requests: 4 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=300x250_mobile
Frame ID: B6FEE8C2E40448D7CC9E71E46CF5ADD0
Requests: 4 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=300x250_mobile
Frame ID: A4FC2AD8D5F8126F1CD73E737DC9B482
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 169A485A27993CC28E8EC03E79F54161
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html
Frame ID: 17AD35AAF3944CF9A71480DCDCD2BEB7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: F8D80D91A47B98D1A5C13C7B1061B36E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=865550918&adf=3407277732&pi=t.ma~as.reurl&w=970&psa=0&format=970x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782435&bpp=7&bdt=1348&idt=95&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=402749091692&frm=24&ife=1&pv=2&ga_vid=274011366.1622798783&ga_sid=1622798783&ga_hid=909289244&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4230864728&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060957&oid=3&pvsid=120294165101910&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k104k7u72974&fsb=1&dtd=144
Frame ID: 4CDDA0DF6C367411235D75E4D43615B0
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 344ECAAEEB37EDA9CB38D489AFDBC4C2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: F1FCB595B8A49C05DEBA40871EE65839
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F07DDD35069C37536B1CEED06208E1A6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DC37301990C577E6F66744BF5B20DAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435
Frame ID: D4329756949A5A353535A9A75B9CA0A2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 16C5CF43F760AB9BE0E11F30606856C6
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 5688B63AA5E29F6AD6FE688D3464355E
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0
Frame ID: 20ECC5F8700B587790796F856E2C69A4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: C0068B1B5CFFBBE31A5DE9FFB3E83D3B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4D540B62CD319CADF865B1A8F975FD7D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 293001A64C8BCC5DBC624747AF1EE0E5
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 61156BE5FB6C6AB3813E872D7ADEB21F
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0
Frame ID: AFCAA330DE2D6B650B4BEE7CDCE40800
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 3246DD43A9B14B83CBCB46F99A6A0479
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: AD4B06244CDDC6046D490FF6051B3409
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EF9531CB239F8877FD1134FBE4AD8559
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8E8D3AFF9FA8422A956E50E94462AC3D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: BE2B0BB0131FBA5CBE3996128D33978B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?\/vue(?:\.min)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

193
Requests

99 %
HTTPS

54 %
IPv6

30
Domains

53
Subdomains

45
IPs

9
Countries

2411 kB
Transfer

7309 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://youtils.cc/big5gb
Title: Exit

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: emoji

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: Geo IP

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: length Calculator

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: Taiwan Stock

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: Word Counter

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: Password generator

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: Date Calculator

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: Lunar Calendar

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM tool

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 80

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=rKLCLHwybDBQWE83NXdxeGJ0dk43U3BLZ2RTc3c1dk9GRnlKWGFrRStubXozbFhMMkJDR2EzbFJRS3lmMlcweHJsd0hIN3U0NGNIc3FQMUExeE5rbmI5NG1OT3RObC81OTZpczNMb3BnZEFrZllaenpleDh0VnIvcXYxeFFCbnJWWGhyQmpZL2NpVi9YWUovMXNrREMycHpZS1IwN3orUzByZ200c3RxZTlSMXIyaHVrSGhNcHJZd0RDNFliSS8veWtNaEt4NWkrWjVEYlBVak40b3R5QUNhL1lBUmdYNGV4MVpRWEtmckpjb09lcTZvPXw&cppv=2

Request Chain 89

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=z4OfQXxOVjBqbWNmUDVXSVFnSDlPVHkydnRKcTVYeVlZajR0V0sxV05EelByaXR4NjUreVcwZnlHTWx1RTkvU1VoNkN3cEZkajlyR05ZMjYxUXJoOU5CdG9odkhJREhaaEFPVmhYaS9MWFliSE1KWG84UktYcFhwVzB0bHBWYmZFQW1rdXhKSGN6TXdnbzFDTW9abDliT2ZsRDd5K3NxSVpGN2Rha3RCUkZsajdPSTJwa3ZBWVhhSzZVYlBERGhUQ095K1JHM0EzSlNtSVZJRkxCSTdHRkY0NlVvaGtkYlpkelRtQk1mQjRPL1BONk1JPXw&cppv=2

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0NBMjAyMTA2MDQxNzI2MjMyNzg5MA%3d%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0

Request Chain 146

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 148

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CCA2021060417262327890 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMTA2MDQxNzI2MjM5MTY5NzE%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0

Request Chain 155

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 157

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA20210604172623916971 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 168

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 181

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGEqcqQCgjpTmSzZyPWKRnc&google_cver=1&google_push=AQvitUIYrKOJYy00oUS0q9lnHP2kv9hFDunjNhMj0DWALhk-lUbeeihswFf0kFKcf03Couxqrko3BqAH8YPzaRKo6-Oir5GgzN0D HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGEqcqQCgjpTmSzZyPWKRnc&google_cver=1&google_push=AQvitUIYrKOJYy00oUS0q9lnHP2kv9hFDunjNhMj0DWALhk-lUbeeihswFf0kFKcf03Couxqrko3BqAH8YPzaRKo6-Oir5GgzN0D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NDlQamduNGMxTFA2NVc1&google_gid=CAESEGEqcqQCgjpTmSzZyPWKRnc&google_cver=1&google_push=AQvitUIYrKOJYy00oUS0q9lnHP2kv9hFDunjNhMj0DWALhk-lUbeeihswFf0kFKcf03Couxqrko3BqAH8YPzaRKo6-Oir5GgzN0D

Request Chain 183

https://d5p.de17a.com/cookies/google?google_gid=CAESENHmGwbIz8KxMNDMHGd4Mn0&google_cver=1&google_push=AQvitUKkpYc5KV1VATvF8WQ1RIyW6k-cumiylhJcHK5ec3xQLYsU043L0E6XVn6QWfe6PWyNt7bS7E99MHglphCDc_ccg2Ml2Xh4 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENHmGwbIz8KxMNDMHGd4Mn0&google_cver=1&google_push=AQvitUKkpYc5KV1VATvF8WQ1RIyW6k-cumiylhJcHK5ec3xQLYsU043L0E6XVn6QWfe6PWyNt7bS7E99MHglphCDc_ccg2Ml2Xh4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKkpYc5KV1VATvF8WQ1RIyW6k-cumiylhJcHK5ec3xQLYsU043L0E6XVn6QWfe6PWyNt7bS7E99MHglphCDc_ccg2Ml2Xh4

Request Chain 184

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEonGRDrN1O41H0R5uIF_9U&google_cver=1&google_push=AQvitUL3KssD2s-pc8yBj2SmDEZBcBZRJb9kypmAawj53-5kY0Z5xuKZYwO1Y7pByI1z0Y3pzIRgOcZbAN1jXXH0Jpyqp0YJ0JkB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BJNEhWWlAtSy1BRTI3&google_push=AQvitUL3KssD2s-pc8yBj2SmDEZBcBZRJb9kypmAawj53-5kY0Z5xuKZYwO1Y7pByI1z0Y3pzIRgOcZbAN1jXXH0Jpyqp0YJ0JkB

Request Chain 185

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMRqppqDK9JrGoB8kXMscdU&google_cver=1&google_push=AQvitUIQu3IkGxB3SJZzNtAZluyhkdlTFhs2G7yG2cSpCesWXiZdW-JosUOWqDodiV5U1Jm6PGJQFdFuFzKjlEe2owIjtJfyXFpz HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUIQu3IkGxB3SJZzNtAZluyhkdlTFhs2G7yG2cSpCesWXiZdW-JosUOWqDodiV5U1Jm6PGJQFdFuFzKjlEe2owIjtJfyXFpz&google_gid=CAESEMRqppqDK9JrGoB8kXMscdU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwNzc1MDU4ODQ2MDY3NzEyMDY%3D&google_push=AQvitUIQu3IkGxB3SJZzNtAZluyhkdlTFhs2G7yG2cSpCesWXiZdW-JosUOWqDodiV5U1Jm6PGJQFdFuFzKjlEe2owIjtJfyXFpz

Request Chain 188

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 195

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

193 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request dVk4GD Show response
reurl.cc/ 6 KB
2 KB 1102ms
277ms Document
text/html 35.194.141.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reurl.cc/dVk4GD

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.141.193 New Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

193.141.194.35.bc.googleusercontent.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

d7c2a1123a318a031d8d2789689dce160809315e81c2729bca8f5846acbab759

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Host: reurl.cc
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.4.6 (Ubuntu)
Date: Fri, 04 Jun 2021 09:26:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Target: https://carnival.kim/wp-admin/maint/wp-admin/me/new
X-Frame-Options: DENY
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
23 KB 8ms
6ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2530587
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 23235
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
x-served-by: cache-fra19151-FRA, cache-hhn4057-HHN
date: Fri, 04 Jun 2021 09:26:18 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK style.css
reurl.cc/stylesheets/rwd/ 3 KB
1 KB 275ms
273ms Stylesheet
text/css 35.194.141.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reurl.cc/stylesheets/rwd/style.css?v=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.141.193 New Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

193.141.194.35.bc.googleusercontent.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

5e2a05c6eea350731529c9f67503f4728eaa971f74f3657faa3e00af27744058

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: reurl.cc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://reurl.cc/dVk4GD
Connection: keep-alive
Referer: https://reurl.cc/dVk4GD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 03:15:11 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2022 09:26:18 GMT

GET
H/1.1 200
OK ga.js Show response
reurl.cc/javascripts/ 384 B
650 B 548ms
272ms Script
application/x-javascript 35.194.141.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reurl.cc/javascripts/ga.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.141.193 New Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

193.141.194.35.bc.googleusercontent.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

0f339cf9e117cb1612e7079c0a02fcc2ef26d9ffc19c93d0370d10bf81bb714f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: reurl.cc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://reurl.cc/dVk4GD
Connection: keep-alive
Referer: https://reurl.cc/dVk4GD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Apr 2021 04:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Frame-Options: DENY
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2022 09:26:18 GMT

GET
H/1.1 200
OK pixel.js Show response
reurl.cc/javascripts/ 470 B
709 B 810ms
270ms Script
application/x-javascript 35.194.141.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reurl.cc/javascripts/pixel.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.141.193 New Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

193.141.194.35.bc.googleusercontent.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: reurl.cc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://reurl.cc/dVk4GD
Connection: keep-alive
Referer: https://reurl.cc/dVk4GD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Apr 2021 04:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Frame-Options: DENY
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2022 09:26:19 GMT

GET
H2 200 ysm_reurl.js Show response
ad.sitemaji.com/ 17 KB
6 KB 308ms
54ms Script
application/javascript 35.190.35.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_reurl.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/dVk4GD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.35.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.35.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 21:30:12 GMT
content-encoding: br
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
age: 42967
etag: W/"5d0b49e9-4488"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 5880
via: AmigoCDN 1.0, 1.1 google
expires: Fri, 04 Jun 2021 21:30:12 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 41 KB
15 KB 290ms
35ms Script
application/javascript 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/dVk4GD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 7631df25a6c91e5968fe75cd7a4abfde21a1f4e574bfb7e04b659491d4a08e2b

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:23:57 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 02:27:22 GMT
server: nginx/1.12.1
age: 252
etag: W/"60ab0f0a-a4d5"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: ZHWpObFBJjvy6eEX59bJDu9L4TqFKDoKZ_AgkATxKwn5e7UxBfnR2Q==
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
expires: Fri, 04 Jun 2021 09:37:07 GMT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
31 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4612505
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 31634
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
x-served-by: cache-fra19180-FRA, cache-hhn4057-HHN
date: Fri, 04 Jun 2021 09:26:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK loading.js Show response
reurl.cc/javascripts/ 240 B
519 B 833ms
289ms Script
application/x-javascript 35.194.141.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reurl.cc/javascripts/loading.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.141.193 New Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

193.141.194.35.bc.googleusercontent.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

25355805f44af99037c6b951f9afd762f5fd74eb126aba4b2f82cafa563c0f90

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: reurl.cc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://reurl.cc/dVk4GD
Connection: keep-alive
Referer: https://reurl.cc/dVk4GD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Apr 2021 04:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Frame-Options: DENY
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2022 09:26:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 896
date: Fri, 04 Jun 2021 09:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 04 Jun 2021 11:11:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 35ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24155
x-fb-rlafr: 0
pragma: public
x-fb-debug: U3gJXnkTbm8NX0tLY30oS5oOnHjZppUtxr65Hmin7tKliX5D6xrvCjJnolFuo6h6NSR/ceeAKd2JIOT7HquWBg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 04 Jun 2021 09:26:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame BB21 99 KB
27 KB 86ms
84ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d37a6901619ec42190ea9b36e153de71fab7719be09fea13f77d577560d8a789

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://reurl.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://reurl.cc/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 7m3dm1aM1q+NTm6GNnn9ldmeA7NKB/yMlQ8bZYgVEJJmuH3KcSVAzAX/hKX3TgJVU7Vwac+q/J9EFXbhLj+kRQ==
date: Fri, 04 Jun 2021 09:26:19 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 40 KB
11 KB 84ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4402f4de4890a32a86c7ff5aa64e88ef55ef450a757094c6f078a78bb7e85462

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11579
x-fb-rlafr: 0
pragma: public
x-fb-debug: BUDiiycc5Sq4/uB7qFTBRStWxHJHjcFxCeiArpIfrLAZIBOlF77xbYWl3buhCxIHaK4EcQ5Y3zdf8MAeejs60w==
x-frame-options: DENY
date: Fri, 04 Jun 2021 09:26:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
27ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1599505150&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FdVk4GD&ul=en-us&de=UTF-8&dt=Regions%20Online%20Banking%20-%20Log%20in%20to%20your%20accounts%20%7C%20Regions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=892686030&gjid=688863623&cid=569164089.1622798780&tid=UA-102456694-1&_gid=19027583.1622798780&_r=1&_slc=1&z=1599284291

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
124 B 313ms
11ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FdVk4GD&rl=&if=false&ts=1622798779678&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=28&fbp=fb.1.1622798779642.1030347341&it=1622798779520&coo=false&exp=l0&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 04 Jun 2021 09:26:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
83 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-102456694-1&cid=569164089.1622798780&jid=892686030&gjid=688863623&_gid=19027583.1622798780&_u=IEBAAEAAAAAAAC~&z=1832347361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Jun 2021 09:26:19 GMT
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17229.json Show response
img.scupio.com/js/config/ 451 B
842 B 90ms
34ms XHR
application/json 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17229.json?v=1.0.3812
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 807dbe67096ff3e547c4d0f97508ece342dc775a3c28139330218d45eec16e4b

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 04 Jun 2021 09:23:41 GMT
via: 1.1 efde5be81ce9c9a89c77d96186504847.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 01:11:40 GMT
server: nginx/1.12.1
age: 368
etag: "607e2a4c-1c3"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
content-length: 451
x-amz-cf-id: e7Hfj5Vgg85eNcgCq1PFdBeYftfVB4XrBbS24kw8jx6Ke3jum5HOFQ==
expires: Fri, 04 Jun 2021 12:20:10 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame AA4E 35 KB
14 KB 41ms
41ms Document
text/html 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.56
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://reurl.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://reurl.cc/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:16:34 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 04 Jun 2021 08:58:56 GMT
expires: Fri, 04 Jun 2021 14:58:56 GMT
cache-control: max-age=21600
etag: W/"608f9542-8d2b"
x-cache: Hit from cloudfront
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: w5EIm4_LlS5TUMTnUD-hsfDwQm3dZMxfmfJFbvznUAtBOTpufVj9Kw==
age: 1644

GET
H2 200 17253.json Show response
img.scupio.com/js/config/ 402 B
793 B 72ms
34ms XHR
application/json 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17253.json?v=1.0.3812
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 1a5ccc70cf48628d26dc3088445f2bef87a16277341aaf2d5aaa3b45f03b5291

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 04 Jun 2021 09:23:41 GMT
via: 1.1 efde5be81ce9c9a89c77d96186504847.cloudfront.net (CloudFront)
last-modified: Tue, 13 Apr 2021 07:40:54 GMT
server: nginx/1.12.1
age: 242
etag: "60754b06-192"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
content-length: 402
x-amz-cf-id: P_GXWJqHHPndDZiLSbBmHnXBwbZ_2l_t-n40M4VWO6_lBQdCuMAnXA==
expires: Fri, 04 Jun 2021 12:22:17 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame EAFC 35 KB
14 KB 40ms
40ms Document
text/html 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.56
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://reurl.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://reurl.cc/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:16:34 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 04 Jun 2021 08:58:56 GMT
expires: Fri, 04 Jun 2021 14:58:56 GMT
cache-control: max-age=21600
etag: W/"608f9542-8d2b"
x-cache: Hit from cloudfront
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: kEKuZxgxw7yCcs5FAL87vh5W3tyEWi2wkgC-RLDRqzKxtpaaAUg9CQ==
age: 1644

GET
H2 200 reurl_passback.js Show response
ad.sitemaji.com/native/ Frame D4EF 15 KB
5 KB 21ms
21ms Script
application/javascript 35.190.35.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.35.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.35.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 07:29:02 GMT
content-encoding: br
last-modified: Thu, 29 Aug 2019 10:21:02 GMT
age: 7037
etag: W/"5d67a70e-3bbe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 5256
via: AmigoCDN 1.0, 1.1 google
expires: Sat, 05 Jun 2021 07:29:02 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

81ms
33ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/dVk4GD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3301
content-length: 40120
cf-request-id: 0a77f15fc700001f2133135000000001
last-modified: Fri, 28 May 2021 01:36:32 GMT
server: cloudflare
etag: "60b04920-9cb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BWeDQrdFbTGrb%2FRDhVaryHf8wg%2B3XuGI3OuKYP0tQxadUokX0Mp6J%2FzJS4EnGYo%2Fu9H0g%2BBbm9VskegctFenAyfvdL7h5SUvlxx72K2uvQBPmfPsfBW7oWESAMaLCn%2B6O9CIFj0s%2B2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 65a01e7939491f21-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 reurl_passback.js Show response
ad.sitemaji.com/native/ Frame B6FE 15 KB
5 KB 21ms
20ms Script
application/javascript 35.190.35.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/native/reurl_passback.js?s=300x250_mobile
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.35.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.35.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:52:54 GMT
content-encoding: br
last-modified: Thu, 29 Aug 2019 10:21:10 GMT
age: 9205
etag: W/"5d67a716-3bbe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 5256
via: AmigoCDN 1.0, 1.1 google
expires: Sat, 05 Jun 2021 06:52:54 GMT

GET
H2 200 reurl_passback.js Show response
ad.sitemaji.com/native/ Frame A4FC 15 KB
5 KB 21ms
21ms Script
application/javascript 35.190.35.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/native/reurl_passback.js?s=300x250_mobile
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.35.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.35.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:52:54 GMT
content-encoding: br
last-modified: Thu, 29 Aug 2019 10:21:10 GMT
age: 9205
etag: W/"5d67a716-3bbe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 5256
via: AmigoCDN 1.0, 1.1 google
expires: Sat, 05 Jun 2021 06:52:54 GMT

GET
H3-29 200 ph12ipM0DsW.css
www.facebook.com/rsrc.php/v3/y5/l/0,cross/ Frame BB21 25 KB
6 KB 316ms
45ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/ph12ipM0DsW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60ceacc7a24e51411b9a6f487a4e1da9f4144e270e232b6de52e5b77bca22c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 18:30:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: p+KET3Q7OBgqyuj4V2fmlA==
cross-origin-resource-policy: cross-origin
content-length: 5684
x-fb-rlafr: 0
x-fb-debug: dwKzFUCFlhR37ZJRz1YOaJ6KaoMiN8nDa6Cfr/RaH1tu84TTi2sqfABUmdpfq0Q4O9LtKXvp6WU4+m78vkB8Mw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jun 2022 18:30:38 GMT

GET
H3-29 200 5Fsnp3irenq.css
www.facebook.com/rsrc.php/v3/yt/l/0,cross/ Frame BB21 2 KB
868 B 286ms
16ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yt/l/0,cross/5Fsnp3irenq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec98f88129d5c3180c878d70ae27ffcdf7907737e4d2e82ec41b6f81fe1cd8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: J9gtDCcpBAeYh1TcXJ9kqQ==
cross-origin-resource-policy: cross-origin
content-length: 816
x-fb-rlafr: 0
x-fb-debug: rd6VwYdEgSPFkpuqU0XgP9z6aGVJVUfWDiV/xndOVVO/B8nscJ+Ypbhy0zDfRGM3aSI1XVUQBMN8pIvF8scEEg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 21:53:39 GMT

GET
H3-29 200 UG5hFH3OnGZ.css
www.facebook.com/rsrc.php/v3/yw/l/0,cross/ Frame BB21 36 KB
7 KB 298ms
28ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EdrE11NR23Bfi5e1q30Fuw==
cross-origin-resource-policy: cross-origin
content-length: 7078
x-fb-rlafr: 0
x-fb-debug: Cs0rt0ejAGSX3NoNg0zarK3A5w97o811OTpmUI+O/BJAlkkCsghiqinREOGhSDkqRbMkSoASmwQ1g5FJahYpQg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 19:27:18 GMT

GET
H3-29 200 auXEUCWHUDu.js Show response
www.facebook.com/rsrc.php/v3/yg/r/ Frame BB21 293 KB
80 KB 278ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb5d31a04ce21340bc2d16eeec4397ad34738a863fc997b2393b618f4bc55d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1WpkPRi+O1NY2kHgO9zAUg==
cross-origin-resource-policy: cross-origin
content-length: 81413
x-fb-rlafr: 0
x-fb-debug: dCO7CH0JsjGI5bbih2wKZ2CK9+XSUTsTg4FtU4s6eFiXR8CW0q09cZBZJ4CVPi+W5Lq+TaWBBd0dpaP6MCs0+g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 22:19:03 GMT

GET
H3-29 200 LDIDWlUlAG9.js Show response
www.facebook.com/rsrc.php/v3/yd/r/ Frame BB21 65 KB
20 KB 310ms
42ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yd/r/LDIDWlUlAG9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56766cebd19e526d59965412d4744818753abe2b9030407f0580eeaf029fff33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 02:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zCLO5QjrkLcH6FDlzNjdyg==
cross-origin-resource-policy: cross-origin
content-length: 20222
x-fb-rlafr: 0
x-fb-debug: Hk8BUqASG8cJ0njFK/z51cY/32nhRUx+pydng2Kll4ILEM1lh4W4FjbkwF4VoGcpebvv14GZmE6wnfsilCdC4Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jun 2022 02:19:00 GMT

GET
H3-29 200 0Z7xVUWszo1.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yk/l/en_US/ Frame BB21 126 KB
35 KB 289ms
21ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yk/l/en_US/0Z7xVUWszo1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92ce8008dfa52e912fea1f1700570804a13891cfbc24c71cc3a2e51244ff6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MLif0GUUZX/p4PbReI0Ftw==
cross-origin-resource-policy: cross-origin
content-length: 35908
x-fb-rlafr: 0
x-fb-debug: ERw+Fh5GVbdn2OkvlzgBYwRVrSvcBsbXeC/3WnHSMtg2sblITCuy4UvJFHwqiDMMRva0CxItQjDjURBINXTn/Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Jun 2022 07:15:05 GMT

GET
H3-29 200 aVoL5z69Opq.js Show response
www.facebook.com/rsrc.php/v3iLl54/yD/l/en_US/ Frame BB21 15 KB
5 KB 310ms
43ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iLl54/yD/l/en_US/aVoL5z69Opq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

107dedf2466d7c482f36f2b4cd22b1cc9b54904b2aaa9f0dac91be3cdb5b162e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 19:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HSJTIQ7R8l61TUXAOctZfQ==
cross-origin-resource-policy: cross-origin
content-length: 4989
x-fb-rlafr: 0
x-fb-debug: 3X2cTGqE06ly+OiMWUOxxafmFHvbtgv8IhcKXwc0r9EjbNTxLWyEwqczUeunGloJdAwqXqnIX8qoRz2KjldaXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jun 2022 19:34:22 GMT

GET
H3-29 200 ykbSkxJ8VJE.js Show response
www.facebook.com/rsrc.php/v3/yA/r/ Frame BB21 9 KB
3 KB 287ms
20ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yA/r/ykbSkxJ8VJE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b64f5bc28886025d0249793131aab1cf4a02c6b799543e2a74bc8047ead1b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 16:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8u6hsl3sOAhh3qFnVy4qyw==
cross-origin-resource-policy: cross-origin
content-length: 3219
x-fb-rlafr: 0
x-fb-debug: 5R1w7KqXZTCDsR2aVtFJCpfxEqttohbhRIinX8L5fl4WKP6oGgt6QthA69TnGrvEkaoPPWbpM6H71NStBal9Pw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 16:59:33 GMT

GET
H3-29 200 vVNHHjOWB6t.js Show response
www.facebook.com/rsrc.php/v3/yk/r/ Frame BB21 153 KB
45 KB 284ms
18ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yk/r/vVNHHjOWB6t.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

407844bdddf476cc18f80188a3fb73350b6046fd1eaf47a0b9f7d72bacd2b9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Q8sL51xZKYYpd7c+Kk0iYg==
cross-origin-resource-policy: cross-origin
content-length: 46173
x-fb-rlafr: 0
x-fb-debug: /9wIJ+88C209LavXa7gMxT5FFjQReJvFkcaphJpKN/pJUD23juxNsf2sQpwRxO5BFME8DV/X/xBgLA8bhwpUNQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Jun 2022 02:48:33 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame BB21 5 KB
2 KB 274ms
9ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 17:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: pAZj5G8hoUqUU/0QOIfs8LyCmq13xG3EsvXFVt1xsWivtAm3NB9bDxSjTRftYNOAsHeSNw32gglBdnrV/QGvZA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 29 May 2022 17:15:47 GMT

GET
H3-29 200 SohvyHf9bqU.js Show response
www.facebook.com/rsrc.php/v3/yR/r/ Frame BB21 7 KB
2 KB 310ms
43ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yR/r/SohvyHf9bqU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d175d400e6415cd2d5a76e744971ca96e79124b57fe873d184b93837d9dfe681

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 19:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: riaa4M39g865Cd4IB5wjSA==
cross-origin-resource-policy: cross-origin
content-length: 2093
x-fb-rlafr: 0
x-fb-debug: eSjmkwqdQgOUDFLnz7Le6CWZ8P+LhiABOufT70KXGPvt2gtSAozkYQNATo9m93oMQJi9McTxy08d7Yd47hoKnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 May 2022 19:23:08 GMT

GET
H3-29 200 K5bccTxKt9H.js Show response
www.facebook.com/rsrc.php/v3/yq/r/ Frame BB21 426 B
316 B 286ms
20ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yq/r/K5bccTxKt9H.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5dad3ee09fe3607e9ddbaed8c69bd848327b5a05e5d36993e751f7a6f89edff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 07:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: s3udtiHfvpO+8XR727TCJw==
cross-origin-resource-policy: cross-origin
content-length: 264
x-fb-rlafr: 0
x-fb-debug: OuZg48WMmf8PhH6kewfIY7boTNiLkRJYjyChwVI3COezEL0en+sUoK3DuEiPVH7nbrWNCGxZ/G/exVtjNyLSCQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Jun 2022 07:13:44 GMT

GET
H3-29 200 bsryAwrhWve.js Show response
www.facebook.com/rsrc.php/v3ig8t4/yZ/l/en_US/ Frame BB21 422 KB
101 KB 309ms
43ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3ig8t4/yZ/l/en_US/bsryAwrhWve.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b38f96f67bd52a3246d0ff5fa5f5278b45451be77e8dd1e4b94b4e6135f2018

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 19:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mv+m+3vkxCgU2brIDLJEsQ==
cross-origin-resource-policy: cross-origin
content-length: 102911
x-fb-rlafr: 0
x-fb-debug: BboabZltcADq9E5QWkIZzHuCQZzXOeVViSEsHDFPhA79hWSjsWvBgYn/wOoqU5ekO0tEUce9SccxpKI3jBZbGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 19:32:38 GMT

GET
H3-29 200 LRo67jlaRgY.js Show response
www.facebook.com/rsrc.php/v3/yl/r/ Frame BB21 18 KB
6 KB 274ms
9ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yl/r/LRo67jlaRgY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47b5e303447c7681ce1b2242f23699f94c0709da3aa5016ec1c8f6d7efcad1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 06:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /49V/V76X87agOuBQG4NzA==
cross-origin-resource-policy: cross-origin
content-length: 6073
x-fb-rlafr: 0
x-fb-debug: k/hp8lsZ9ea/J+JT6nRArCF6udz3j+ucL+Qe7/Pu3oGOZrGvALn0ArO1ZZlXDvpUr0SH2X+WKl9xgAnOFEV3mA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 06:26:01 GMT

GET
H3-29 200 d__2zwz9HAa.js Show response
www.facebook.com/rsrc.php/v3/yo/r/ Frame BB21 100 KB
27 KB 284ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yo/r/d__2zwz9HAa.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14d050ca7cd307f53e86dfa07664029c4554d13997a250625e59251edaee3618

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 17:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rzgGV/sULh4bwV2HO4iWhw==
cross-origin-resource-policy: cross-origin
content-length: 28014
x-fb-rlafr: 0
x-fb-debug: i07AeI9hrCFF68S/LnpoKH0X1ZRRcSz9rOe4HC5r7n77pW+pKsnpx50tn0eMB1fVXRVaANXiLBpXT0tBSghWUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 17:49:45 GMT

GET
H3-29 200 FtKIi4Lgcq3.js Show response
www.facebook.com/rsrc.php/v3/y7/r/ Frame BB21 359 KB
80 KB 310ms
44ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y7/r/FtKIi4Lgcq3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e506b9395a125059837070b587655f684aced42b25fb2c836b387ed1a621853

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:48:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MQaATTeDu6uzNuA7NPbxug==
cross-origin-resource-policy: cross-origin
content-length: 82361
x-fb-rlafr: 0
x-fb-debug: 4GdX9NS/3M+2fo7PGfTkmaOb9wvnPN2AqWh0eduzNSWW35fIJLM12/ltu3zVuTckfHx/VLQFJGka63+kceHtfw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Jun 2022 02:48:33 GMT

GET
H3-29 200 n2R9YVn6Y87.js Show response
www.facebook.com/rsrc.php/v3/yS/r/ Frame BB21 4 KB
2 KB 309ms
44ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yS/r/n2R9YVn6Y87.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f783a947b0e1f22b2f0460631e207543de7e70a3652a21d1756debbc982313e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 18:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5h28vz/IL0qDPe2C9eTxEw==
cross-origin-resource-policy: cross-origin
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: QizJ6HQK572pw+1Z08VYjCsTxBNgfrdAMX3ptp9Sl28FjR/GlGSSGC4UXKeH9FAnGp1hXyN/T+BCqLijA+wwUg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jun 2022 18:52:48 GMT

GET
H3-29 200 Uf-73aw922e.js Show response
www.facebook.com/rsrc.php/v3/yl/r/ Frame BB21 15 KB
6 KB 310ms
45ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yl/r/Uf-73aw922e.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4eef62c77a19b7d9fb6f894cfa0e7757e0a3bf2936c1af0d330a9e409914bde0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 18:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: O1i5c8VfmwReAn1Xg3t6xQ==
cross-origin-resource-policy: cross-origin
content-length: 5738
x-fb-rlafr: 0
x-fb-debug: VtLCii/ce0+4ETHH9yare/+qY6Hpk1zilhfZGzagbUcMieB08KWqZ9ExYZfOuxayL6Nh2IsCShP8slv302iLzQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jun 2022 18:52:48 GMT

GET
H3-29 200 JNHW1aQLTTB.js Show response
www.facebook.com/rsrc.php/v3/yf/r/ Frame BB21 2 KB
858 B 282ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yf/r/JNHW1aQLTTB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46d2d8aa76374bad68b27aff870970ca15ff5f1ab3389f2327f21f073ddf521a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: agNC6E6e+E6Zesw/5kQcYA==
cross-origin-resource-policy: cross-origin
content-length: 806
x-fb-rlafr: 0
x-fb-debug: doPz0rX2/RdhIBF1sgbjPg/7x+vQylvYh9Ni7VkPjBhMDjNrH1WFh0+TQ/IopoaKfSpiWolXr5ghn3h2eadnsQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 23 May 2022 10:37:37 GMT

GET
H3-29 200 iArlHGPYN4y.js Show response
www.facebook.com/rsrc.php/v3/yC/r/ Frame BB21 9 KB
3 KB 310ms
46ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yC/r/iArlHGPYN4y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8857d647f96ba04fd5a24e7a547aad036614a57dfa575d850f3fd6fe2694b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 19:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7FbtrFYBPw0+87XsuihnRA==
cross-origin-resource-policy: cross-origin
content-length: 2516
x-fb-rlafr: 0
x-fb-debug: Cvne3X1m2SK9TC13d0POgaDKMhr8GWpDfTSfWMmLOr8vGsKbv0Mo6t/hcFxBFm59pMEF0gzHgD78aguLPdXyqg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 19:31:19 GMT

GET
H2 200 137281900_456460102427167_5700957177331697552_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/s350x350/ Frame BB21 18 KB
18 KB 27ms
7ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/s350x350/137281900_456460102427167_5700957177331697552_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=dd9801&_nc_ohc=M37_AkWyZjIAX_Ps12b&_nc_ht=scontent-frt3-1.xx&tp=7&oh=c61b8511fd8c3daeac2c6baee0d3797f&oe=60DFC105
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 74366a8c8cb4b32e1195a4a39f6d5425abaedf34fbda3afd682162ce14741b61

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2684918117
date: Fri, 04 Jun 2021 09:26:20 GMT
x-fb-trip-id: 686109401
last-modified: Sat, 09 Jan 2021 16:21:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 620744837
x-fb-config-version-olb-prod: 1116
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 18463

GET
H2 200 94989982_255673909172455_296878155363254272_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame BB21 1 KB
2 KB 9ms
7ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/94989982_255673909172455_296878155363254272_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=ATVzmMBLp0MAX-MdLBJ&_nc_ht=scontent-frx5-1.xx&tp=27&oh=395d21e42ea9a73b6517b152c03caa5b&oe=60DF35F5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1667465380
date: Fri, 04 Jun 2021 09:26:20 GMT
x-fb-trip-id: 917726464
last-modified: Thu, 30 Apr 2020 14:31:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
x-fb-config-version-olb-prod: 1118
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1345

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-102456694-1&cid=569164089.1622798780&jid=892686030&_u=IEBAAEAAAAAAAC~&z=1990800996

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 37ms
37ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-102456694-1&cid=569164089.1622798780&jid=892686030&_u=IEBAAEAAAAAAAC~&z=1990800996

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame D4EF 75 KB
28 KB 117ms
11ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 04 Jun 2021 09:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 677
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 28248
x-amz-id-2: X5X7yzz75r7/BvquqzToQzXLyUn5thxVXWJhSd7clpG4zlocrc5Dsx29wkVAYTQaCHlQ1Ud6dEc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Mar 2021 21:21:21 GMT
server: ATS
etag: "a0ca719a83f21a792c0b10708c948074-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 741P3GGRW88N7DAB
x-xss-protection: 1; mode=block
cache-control: max-age=900
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame B6FE 75 KB
28 KB 126ms
20ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=300x250_mobile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 04 Jun 2021 09:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 677
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 28248
x-amz-id-2: X5X7yzz75r7/BvquqzToQzXLyUn5thxVXWJhSd7clpG4zlocrc5Dsx29wkVAYTQaCHlQ1Ud6dEc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Mar 2021 21:21:21 GMT
server: ATS
etag: "a0ca719a83f21a792c0b10708c948074-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 741P3GGRW88N7DAB
x-xss-protection: 1; mode=block
cache-control: max-age=900
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame A4FC 75 KB
28 KB 121ms
26ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=300x250_mobile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 04 Jun 2021 09:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 677
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 28248
x-amz-id-2: X5X7yzz75r7/BvquqzToQzXLyUn5thxVXWJhSd7clpG4zlocrc5Dsx29wkVAYTQaCHlQ1Ud6dEc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Mar 2021 21:21:21 GMT
server: ATS
etag: "a0ca719a83f21a792c0b10708c948074-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 741P3GGRW88N7DAB
x-xss-protection: 1; mode=block
cache-control: max-age=900
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame AA4E 95 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 10:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:21:11 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame AA4E 235 KB
85 KB 49ms
49ms Script
application/javascript 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:21:45 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 275
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: UZxvVNWbs_gmcUMIMyAnKUrR3DevmZtuG4qFnTXn7WveOCn1_vNM2w==
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
expires: Fri, 04 Jun 2021 15:21:45 GMT

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame BB21 573 B
627 B 23ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/ph12ipM0DsW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/ph12ipM0DsW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: zHXZqDCIbZWuLgeI1XMP4yspbsvVzTMwVO7Xp0MzbQ8lQaOZoUm9Z4B/EHtyyG1yLxpcXiuYBh0yRqmQuhHCTg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Sat, 29 May 2021 00:13:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 573
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Sun, 29 May 2022 00:13:04 GMT

GET
H3-29 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame BB21 92 KB
20 KB 211ms
210ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbAihwLBwqo98nwgU5Gex-ewSwMwNw8OdwJwvHwdK4o4O0C82Vwb-q1ewcG0KEswaq1xwEwlU-0nSUS1vwqUcE7e2l2Utw6awZwaOfxW0D83mwkE5G0zE5W0HU1jo6iazo&__csr=&__req=1&__hs=18782.PHASED%3Aplugin_default_pkg.2.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1003907643&__s=%3A%3A5fnh75&__hsi=6969867684140993396&__comet_req=0&__sp=1

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yk/l/en_US/0Z7xVUWszo1.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbde7ec353223db1942bd8d3311dc22170385545793c142ad2fd75723fdf2ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: asZ3qhAjXMc4ujN5mcEA1o
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Jm6fwblWAaywuo9rLeH9TGKUUlEoAIol9Bdl8mRfgPJK6O1tyAeb+SDvs/ysLMs9u05qzi7ZXzds1d6Rccg1FA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 04 Jun 2021 09:26:20 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame BB21 996 B
600 B 40ms
40ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yk/l/en_US/0Z7xVUWszo1.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23af0beb38a4c0a0b12de8e85c5b196e01f9c434bd74503fa2a399ade84f4e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: asZ3qhAjXMc4ujN5mcEA1o
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: KFsn6YeltTOJXNaz+4rfeyKP2UaNN6/f7vtV26bisyJ9iiF0l3Gks9PFR2Ph3/qMbZaGomvS6hrcHcpsWj7hNQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Jun 2021 09:26:20 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3-29 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame BB21 996 B
598 B 49ms
48ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yk/l/en_US/0Z7xVUWszo1.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1334a2f1eb9d5c5bdf072a5fd9eef06d1a227c7089059a0b8b2573e942e5c7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: asZ3qhAjXMc4ujN5mcEA1o
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: jLZP63vpijtxOP4GkQx80LretugUGnwT6PppBBiL1OQUHZvSgRT7I9p/CqTJ4uvjNd7G/akJpJjZlk0PmvuiOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Jun 2021 09:26:20 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H3-29 200 a1iO7p7K-4S.js Show response
www.facebook.com/rsrc.php/v3/yf/r/ Frame BB21 276 KB
58 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yf/r/a1iO7p7K-4S.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da7d345dcfcc4cee313130c409b3d07f8103f60c37dfbfe268a34d1701aece06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 20:54:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AyGjVjJ+pNIixfQpK61adQ==
cross-origin-resource-policy: cross-origin
content-length: 58967
x-fb-rlafr: 0
x-fb-debug: J7RhA1Hjs864LPO4QJj9U27cv6nzrkZJDV7bs5kr04z6Y9SHEVSVEilTVKaGqhEF1QJUH67XlhmfgOldMaDwIw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jun 2022 20:54:53 GMT

GET
H3-29 200 cAEvN19HjM2.js Show response
www.facebook.com/rsrc.php/v3/yB/r/ Frame BB21 885 B
436 B 10ms
9ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yB/r/cAEvN19HjM2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e913d0c8195023fea768aa63161cfe870b077cd360806e3905002e74acc7423e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 16:01:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lRXvpxxdUT7QUnYyGQ+l6g==
cross-origin-resource-policy: cross-origin
content-length: 378
x-fb-rlafr: 0
x-fb-debug: XzfQmUICM8iRvZxzgJX0/S/rcp0swrDnIeiz+r0WWL095Ffg2sXsGenEbORgXzw0PZkUHxtORWtYdyjX+5nVpw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 May 2022 16:01:34 GMT

GET
H3-29 200 nuSZvOPs-lg.png
www.facebook.com/rsrc.php/v3/yv/r/ Frame BB21 12 KB
12 KB 9ms
9ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/nuSZvOPs-lg.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e51e7c1f2f3bd86cc3e9dcd1ad5403db927f32533f0a8b29bc15f11b40c6376

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: VTvlHMcR+jlyLrXsJpoq+xyKGYvvsam0X7b/ZC5jw8WN+e8vWSa9fXiaWg/zCL5b0KbkNZWUtQJEuKVXvC8LFw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: +tH9SoPO1ugg3HR9LK4liQ==
date: Sat, 29 May 2021 20:07:37 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 11870
x-fb-rlafr: 0
expires: Sun, 29 May 2022 20:07:37 GMT

GET
H3-29 200 onuUJj0tCqE.png
www.facebook.com/rsrc.php/v3/y2/r/ Frame BB21 4 KB
4 KB 10ms
9ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/onuUJj0tCqE.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/ph12ipM0DsW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/ph12ipM0DsW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: m7vYYviZ6qE9MRaTV/FQnVHEj1aufPDs9gm2nxLpc0nLrtc3GzN713mn42C4cTJN7jkCpVAT3tXyXyOkEvruCg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OK0dmVpVmdoMRpKMP9eDcg==
date: Sat, 29 May 2021 20:05:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 3944
x-fb-rlafr: 0
expires: Sun, 29 May 2022 20:05:52 GMT

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame EAFC 95 KB
33 KB 46ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 10:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:21:11 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame EAFC 235 KB
85 KB 38ms
37ms Script
application/javascript 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:21:45 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 275
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: 6xEi9U01L-SEAgOxBVPYjZigptKqo1AHL6Oi73Sd5_VWhxxFuGQGtA==
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
expires: Fri, 04 Jun 2021 15:21:45 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame D4EF 290 B
299 B 176ms
61ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FdVk4GD&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 b
geo.yahoo.com/ Frame D4EF 43 B
157 B 132ms
54ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:20 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43

GET
H2 200 b
geo.yahoo.com/ Frame B6FE 43 B
530 B 125ms
54ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:20 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame B6FE 298 B
316 B 163ms
57ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=1fffcdb4-48e0-4bda-b4bd-835f894c1a14&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FdVk4GD&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e1bf03d4218f9d45f25ffaa10571bb9a8513954bf8cf18f29516b96549158405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H3-29 200 0PBAeqI9Rhg.js Show response
www.facebook.com/rsrc.php/v3iwUw4/yx/l/en_US/ Frame BB21 1 MB
234 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iwUw4/yx/l/en_US/0PBAeqI9Rhg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d59912fcad926b847aa253d75a11fb06fcdad5dec272527873b5b9e9083e4e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 19:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rznkvVLICbhTF9wZPoodrA==
cross-origin-resource-policy: cross-origin
content-length: 239800
x-fb-rlafr: 0
x-fb-debug: IZJVqTbFlRjOtVyoF2CiymkKicq+dyO3xjZ7+odaxlZvdvfninJohlzgcb6OrYP4p9NV5Xc0w8OrpSaZguxPgw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 19:38:31 GMT

GET
H2 200 b
geo.yahoo.com/ Frame A4FC 43 B
159 B 61ms
60ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:20 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 5
content-type: image/gif
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame A4FC 298 B
494 B 87ms
52ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e1bf03d4218f9d45f25ffaa10571bb9a8513954bf8cf18f29516b96549158405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
634 B 18ms
17ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4801
cf-polished: origSize=1191
cf-request-id: 0a77f161b400001f2161234000000001
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dq8cAYTSnIQehjF3wSBVUgf8K%2BIDVJDMx%2BgS8uB8XFaMY3p%2FmGT4KlRJUpFENhqDzjZE678DoJM5rnG%2BYPn4dVTZfxuiCUGAbJpqKRhppbGjONBFb%2B7fqVxOGVHJ57RClHfcWtyvMcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 65a01e7c5f101f21-FRA
cf-bgj: minify

GET
H/1.1 204
No Content ad_request Show response
ads.aralego.com/ 0
839 B 775ms
188ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FdVk4GD&xr=0&adid=ad-BE7EA7D3B2339BD4077327D9D4B2DA62&w=970&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.7754947802279666
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:21 GMT
Campaign-Id: 10
Sourceapp: 123456789
nonce: 473b1a16-b4ef-43ad-9591-fcf3aefa82a7
Skadnetwork-Id: testad.skadnetwork
X-Height: 90
X-AdStyle: banner
Signature: MEQCIEQlmZRNfYzKBSE8QnhLTIHZZZWCFgZpRqRxHss65KoFAiAJgJKjdrWdkLUOCCjuEx2RmFS7daRzSVZRVZ8RyMyUXg==
Connection: close
X-Width: 970
Itunesitem: 880047117
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Timestamp: 1594406341
Link_Type: app
X-Adtype: html
Access-Control-Allow-Credentials: true
Version: 2.0

GET
H3-29 200 trH3Te47Jv4.css
www.facebook.com/rsrc.php/v3/ye/l/0,cross/ Frame BB21 21 KB
5 KB 20ms
12ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ye/l/0,cross/trH3Te47Jv4.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e9eed57a396170f31d7050a1270005f50b3546ca94bec5a39598cc5da32a994

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 18:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 27V8qIwPX745yYZMsvWVwQ==
cross-origin-resource-policy: cross-origin
content-length: 5316
x-fb-rlafr: 0
x-fb-debug: Vj+gXKjz8cICInLRKnwki4G3qEnfW9Kfk2jx+6+3NZwdgG8m3lIXpiBoom/fJhqF+AlrCOoPu+ayyX5pztPtOw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jun 2022 18:30:39 GMT

GET
DATA 200
OK truncated
/ Frame BB21 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3-29 200 jndVCEjtwZt.css
www.facebook.com/rsrc.php/v3/y3/l/0,cross/ Frame BB21 2 KB
753 B 20ms
11ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y3/l/0,cross/jndVCEjtwZt.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0496a160f4acf2038b8d7dc42cea0eac9d3419609bbaabc3849ea00c15b4a9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 19:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kDp/QwZjBQEsXz/hLDP0Ow==
cross-origin-resource-policy: cross-origin
content-length: 695
x-fb-rlafr: 0
x-fb-debug: NDDFmSAa33/2yZL/eBsavksGsTsNEB4xLiJkPGnRHy6G7TF4jlIJ/9H/mnB3CdAyEFoZ8EvycKGET4x9PQTaZQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jun 2022 19:11:03 GMT

GET
H3-29 200 a8M9WxanOSx.css
www.facebook.com/rsrc.php/v3/yo/l/0,cross/ Frame BB21 18 KB
4 KB 20ms
12ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yo/l/0,cross/a8M9WxanOSx.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b370cabd0a1eb2a84f141e430743bc9721d08dd92c9a4a53b245b48a6147d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 21:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iTbTuASadQUuj0Bk4NO9TQ==
cross-origin-resource-policy: cross-origin
content-length: 4293
x-fb-rlafr: 0
x-fb-debug: gCDuAPgYaGEsxSNBxUwFmpWRPFwucoj/I2aJklmxMBbteZhmpa2t7OlBHn+ON6MSX4H5610nPiy5O2yesfwGwA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 21:43:01 GMT

GET
H3-29 200 8zxpfB5cm1Q.js Show response
www.facebook.com/rsrc.php/v3/yA/r/ Frame BB21 62 KB
16 KB 14ms
12ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yA/r/8zxpfB5cm1Q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa50447f38e14580ea8bd2047698d6bace11f5631ea3e5980e8a96e5ff3bef38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 16:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RnSo9vT9RQfuWvmy4Ln0OA==
cross-origin-resource-policy: cross-origin
content-length: 16150
x-fb-rlafr: 0
x-fb-debug: xwmAfL2Ju/YxPx2BtbOgNV9zdLaNbdl8EsCoZ9wd0HU6cIhCqEchPj+pqJG1bjdGf++VLJ+NPRi8gs+b8957aA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 16:30:09 GMT

GET
H3-29 200 NifK3RmDZV7.js Show response
www.facebook.com/rsrc.php/v3/yj/r/ Frame BB21 18 KB
6 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yj/r/NifK3RmDZV7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

676b08b58a83b85d935259990e459dbb39d53b7709eecb0fa42c8c3b60d17e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 20:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KsVcQfrhYUofIivVjpaMrQ==
cross-origin-resource-policy: cross-origin
content-length: 5954
x-fb-rlafr: 0
x-fb-debug: ckd96u4dz8GW6C+OoVwfaZIatd74D+tCZ4Vx081vi6diTcBrHcewBGkh3zDQ8z/IRFUyu1q7OA2YoUmH3+KxJg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 25 May 2022 20:12:07 GMT

GET
H3-29 200 QAtzoDVsrCZ.js Show response
www.facebook.com/rsrc.php/v3iEBX4/y3/l/en_US/ Frame BB21 28 KB
8 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEBX4/y3/l/en_US/QAtzoDVsrCZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04bb1699b5fb03957a5a790ba42f967b739ce65d8e353f229c6889685f720dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 18:33:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EgX3jJIhou2BbaXTPrQ2VA==
cross-origin-resource-policy: cross-origin
content-length: 8256
x-fb-rlafr: 0
x-fb-debug: QgbtVCDiRK9uXMEqtI1K76Z4mJaqlpkNz9NN/oEQ3uPatMKdM7bPGnOc603y9zYzmSQzywkrOTUDHBcO8qvuLA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 18:33:24 GMT

GET
H2 200 Ek10ELLuAdl.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame BB21 2 KB
1 KB 34ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/Ek10ELLuAdl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e6a27c83c2b60d3173b7e82d9d84b1902033c6155fa7173a59561bf489857777

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: v+bJyc2OFfx/TIXUEl30hg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 906
x-fb-rlafr: 0
x-fb-debug: 3kpqX8ZYB4sn68lGW3iiQI9tEltkpti0LlT+bOfEE84BaIMohC0RhkClUTg02S8o0aYcjgoE99fkbD8/Cx0niw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 27 May 2022 11:57:29 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame AA4E 108 B
489 B 30ms
29ms XHR
application/json 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 419334094b5a8ead2d743bc8e533067b554288faebc143645ca7d8c89f130533

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 09:24:51 GMT
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jun 2021 19:16:05 GMT
server: nginx/1.12.1
age: 292
etag: "60b92a75-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: i1S4q6p3LV7LpoheoeRqxLm-2pkYkhgA2DZvPKYkAenLCiWMxlVLfQ==
expires: Fri, 04 Jun 2021 12:21:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame AA4E
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=rKLCLHwybDBQWE83NXdxeGJ0dk43U3BLZ2RTc3c1dk9GRnlKWGFrRStubXozbFhMMkJDR2EzbFJRS3lmMlcweHJsd0hIN3U0NGNIc3FQMUExeE5rbmI5NG1OT3RObC81OTZpczNMb3BnZEFrZllaenpleDh0VnIvcXYxeF...

347 B
630 B

122ms
62ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rKLCLHwybDBQWE83NXdxeGJ0dk43U3BLZ2RTc3c1dk9GRnlKWGFrRStubXozbFhMMkJDR2EzbFJRS3lmMlcweHJsd0hIN3U0NGNIc3FQMUExeE5rbmI5NG1OT3RObC81OTZpczNMb3BnZEFrZllaenpleDh0VnIvcXYxeFFCbnJWWGhyQmpZL2NpVi9YWUovMXNrREMycHpZS1IwN3orUzByZ200c3RxZTlSMXIyaHVrSGhNcHJZd0RDNFliSS8veWtNaEt4NWkrWjVEYlBVak40b3R5QUNhL1lBUmdYNGV4MVpRWEtmckpjb09lcTZvPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0b644ab453a03ae40738155b876e8f965980cdd687873809574e654a6322ad3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 04 Jun 2021 09:26:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2145
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 04 Jun 2021 09:26:20 GMT
location: https://mug.criteo.com/sid?cpp=rKLCLHwybDBQWE83NXdxeGJ0dk43U3BLZ2RTc3c1dk9GRnlKWGFrRStubXozbFhMMkJDR2EzbFJRS3lmMlcweHJsd0hIN3U0NGNIc3FQMUExeE5rbmI5NG1OT3RObC81OTZpczNMb3BnZEFrZllaenpleDh0VnIvcXYxeFFCbnJWWGhyQmpZL2NpVi9YWUovMXNrREMycHpZS1IwN3orUzByZ200c3RxZTlSMXIyaHVrSGhNcHJZd0RDNFliSS8veWtNaEt4NWkrWjVEYlBVak40b3R5QUNhL1lBUmdYNGV4MVpRWEtmckpjb09lcTZvPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1651
content-length: 482
expires: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame AA4E 0
176 B 524ms
170ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 04 Jun 2021 09:26:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame AA4E 0
219 B 796ms
281ms XHR
text/html 54.178.71.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1622798780813&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 04 Jun 2021 09:26:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame AA4E 0
323 B 632ms
171ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Freurl.cc&ucfUid=6166f70d-502c-4c60-a251-5f0f13d6f0fe&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 04 Jun 2021 09:26:21 GMT
access-control-allow-credentials: true
connection: close

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame AA4E 0
285 B 1424ms
512ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7540248478623601
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 09:26:21 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame AA4E 0
187 B 374ms
38ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=32737298759
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 04 Jun 2021 09:26:20 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET /
www.facebook.com/login/ Frame BB21 0
0

GET
H3-29 200 /
www.facebook.com/login/ Frame BB21 0
0 112ms
112ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
cache-control: private, no-cache, no-store, must-revalidate
x-frame-options: DENY
content-encoding: br
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
content-type: text/html; charset="utf-8"
x-fb-debug: 9agt4X+l854dgGAE474m3NZWHguKJPqqdP2nEP/vcJjQ0Ldkw4dN2Zi524u603ALSabg0vQaNVTj7Hd0jw4LhQ==
date: Fri, 04 Jun 2021 09:26:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame EAFC 108 B
490 B 30ms
29ms XHR
application/json 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 419334094b5a8ead2d743bc8e533067b554288faebc143645ca7d8c89f130533

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 09:24:51 GMT
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jun 2021 19:16:05 GMT
server: nginx/1.12.1
age: 293
etag: "60b92a75-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: -APHcJUjhl71FYxJDSjlsnq9fcx4bapTXLxqckR4KrnOxbm9ukkJIw==
expires: Fri, 04 Jun 2021 12:21:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame EAFC
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=z4OfQXxOVjBqbWNmUDVXSVFnSDlPVHkydnRKcTVYeVlZajR0V0sxV05EelByaXR4NjUreVcwZnlHTWx1RTkvU1VoNkN3cEZkajlyR05ZMjYxUXJoOU5CdG9odkhJREhaaEFPVmhYaS9MWFliSE1KWG84UktYcFhwVzB0bH...

353 B
633 B

121ms
62ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=z4OfQXxOVjBqbWNmUDVXSVFnSDlPVHkydnRKcTVYeVlZajR0V0sxV05EelByaXR4NjUreVcwZnlHTWx1RTkvU1VoNkN3cEZkajlyR05ZMjYxUXJoOU5CdG9odkhJREhaaEFPVmhYaS9MWFliSE1KWG84UktYcFhwVzB0bHBWYmZFQW1rdXhKSGN6TXdnbzFDTW9abDliT2ZsRDd5K3NxSVpGN2Rha3RCUkZsajdPSTJwa3ZBWVhhSzZVYlBERGhUQ095K1JHM0EzSlNtSVZJRkxCSTdHRkY0NlVvaGtkYlpkelRtQk1mQjRPL1BONk1JPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

351b107c8d7d896a7ee4918745828df5193947588f3402501c95b61b20fb07a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 04 Jun 2021 09:26:21 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2376
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 04 Jun 2021 09:26:21 GMT
location: https://mug.criteo.com/sid?cpp=z4OfQXxOVjBqbWNmUDVXSVFnSDlPVHkydnRKcTVYeVlZajR0V0sxV05EelByaXR4NjUreVcwZnlHTWx1RTkvU1VoNkN3cEZkajlyR05ZMjYxUXJoOU5CdG9odkhJREhaaEFPVmhYaS9MWFliSE1KWG84UktYcFhwVzB0bHBWYmZFQW1rdXhKSGN6TXdnbzFDTW9abDliT2ZsRDd5K3NxSVpGN2Rha3RCUkZsajdPSTJwa3ZBWVhhSzZVYlBERGhUQ095K1JHM0EzSlNtSVZJRkxCSTdHRkY0NlVvaGtkYlpkelRtQk1mQjRPL1BONk1JPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1968
content-length: 482
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EAFC 0
187 B 342ms
111ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=16408559033
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 04 Jun 2021 09:26:20 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame EAFC 0
285 B 1183ms
294ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.3191476923800294
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 09:26:21 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame EAFC 0
323 B 774ms
391ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Freurl.cc&ucfUid=fdda292f-cde2-45bc-9ed7-96ddfe3aa399&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 04 Jun 2021 09:26:21 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame EAFC 0
176 B 393ms
170ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 04 Jun 2021 09:26:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H3-29 200 94989982_255673909172455_296878155363254272_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame BB21 1 KB
1 KB 12ms
11ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/94989982_255673909172455_296878155363254272_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=ATVzmMBLp0MAX9oz5bj&_nc_ht=scontent-frx5-1.xx&tp=27&oh=ceb373f74dd6d8f5e54a7e5453231b8a&oe=60DF35F5
Requested by: Host: reurl.cc
URL: https://reurl.cc/dVk4GD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1667465380
date: Fri, 04 Jun 2021 09:26:21 GMT
last-modified: Thu, 30 Apr 2020 14:31:11 GMT
content-length: 1345
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
x-fb-config-version-olb-prod: 1118
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB21 36 KB
37 KB 153ms
28ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQHCqMcYmZcRwIlN&w=476&h=249&url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2021%2F06%2F2021-Flygo-%E5%9C%8B%E5%A4%96%E6%B6%88%E8%B2%BB%E6%9C%80%E9%AB%98-3-%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQGwMMczJ4YeA-KJ

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6917fdd9f56a9efd711d531cafe83a0c907bdb77ceb712bbcc0778d3b25cd4da

Security Headers

Name	Value
Content-Security-Policy	default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1118
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 37142
x-xss-protection: 0
x-fb-debug: 7uLtnSqH4urf6AnRa2CMt1MjpaEdQF5g7JoKFg7305CsvWL+TQnExepk8RyyxqsdCyr8RE9/4UCvWE1oWp40sw==
x-fb-trip-id: 686109401
expires: Wed, 09 Jun 2021 01:56:58 GMT
last-modified: Mon, 31 May 2021 18:07:22 GMT
x-fb-config-version-slb-prod_regional: 1118
date: Fri, 04 Jun 2021 09:26:21 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "8cea4878ca2b400f1f753812bfd9012b"
content-security-policy: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB21 31 KB
32 KB 159ms
35ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQG6oNBgbKYBdc1j&w=476&h=249&url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2020%2F07%2F%E5%8F%B0%E6%96%B0GOGO%E9%BB%91%E7%8B%97%E5%8D%A1-%E6%8C%87%E5%AE%9A%E7%B6%B2%E8%B3%BC-6.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQHhicTW5mK5m_pd

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed363ffaf32a62cf0b6216e113f90b906cf3396498cc97c1136a3a3610599f00

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1116
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 32145
x-xss-protection: 0
x-fb-debug: ahPKw0xhX26p1zssl5ZPTzzXkWzezv9ubEWnMOjPlKtKeGsdLhNGahYyUx7OJQVhUA6n/Eh2rLWdj+sfML/FwQ==
x-fb-trip-id: 686109401
expires: Mon, 07 Jun 2021 13:16:20 GMT
last-modified: Tue, 30 Jun 2020 16:45:48 GMT
date: Fri, 04 Jun 2021 09:26:21 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "4e83cc0a8ddfe1a2214cd05c966fca27"
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB21 49 KB
50 KB 156ms
36ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQGWyN7H3y6yLU-1&w=476&h=249&url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2020%2F12%2F%E8%8B%B1%E9%9B%84%E8%81%AF%E7%9B%9F%E8%81%AF%E5%90%8D%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E5%A8%9B%E6%A8%82%E3%80%81%E5%A4%96%E9%80%81%E3%80%81%E5%BD%B1%E9%9F%B3%E3%80%81%E5%8F%AB%E8%BB%8A10%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQGJrdWMZUaXgHQm

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57bc7f6f10d35d472b0f7d2295e374ad21206182b6287f3bc65d2d165cd226dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1116
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 50547
x-xss-protection: 0
x-fb-debug: Croz66RbAzCCJaRKtUMJSDGfUn/2IZupbcznsPqaxX0Evcr2OjWHIjmvpWuT3cq4m9swIeMoIgVMEQrif21Raw==
x-fb-trip-id: 686109401
expires: Sun, 06 Jun 2021 06:16:10 GMT
last-modified: Thu, 17 Dec 2020 17:16:41 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-fb-config-version-slb-prod_regional: 1116
date: Fri, 04 Jun 2021 09:26:21 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "dade04e521fab1834a464ddd2185432f"
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB21 39 KB
39 KB 163ms
43ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQG63uX2OZlWVxOA&w=476&h=249&url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2021%2F01%2F2021-%E8%A1%8C%E5%8B%95%E6%94%AF%E4%BB%98%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQFPTK17H4-waBRP

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e81e7b7654b1765c05988edeac521085a6190289bea00ddb3c9117122e54132a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1112
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 39932
x-xss-protection: 0
x-fb-debug: gAy9E52DZU0DYvs66ra9h4n1ceO1ahyMHdEiM1ptbtCqWFnLs5GFPEYbIksV4ddE7/xu0tzUfz65MnTog2ot5Q==
x-fb-trip-id: 686109401
expires: Tue, 01 Jun 2021 02:09:32 GMT
last-modified: Sun, 03 Jan 2021 03:50:00 GMT
date: Fri, 04 Jun 2021 09:26:21 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "e694b75f103d52c0de89f63531d2cd87"
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB21 51 KB
51 KB 163ms
43ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQGJGsOuCDlqKQfD&w=476&h=249&url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2021%2F01%2F2021-%E5%AE%B6%E6%A8%82%E7%A6%8F%E5%84%AA%E6%83%A0%E5%8C%AF%E6%95%B4-%E6%9C%80%E9%AB%98-20-%E5%9B%9E%E9%A5%8B.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQGqdVIDV_F7jKDk

Requested by

Host: reurl.cc
URL: https://reurl.cc/dVk4GD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d1eafa1b94840894935f7028573d0c76366686c3b684b688b89473327f41519

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1116
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 52122
x-xss-protection: 0
x-fb-debug: dzsaFlkrhLluCLZVYRF2vZyej5RZwpm7jvstUzeWfI9InuweL2QooAwYe7BCT3CylM5COo6mgfNPOKZjnhtbjQ==
x-fb-trip-id: 686109401
expires: Mon, 07 Jun 2021 15:24:21 GMT
last-modified: Sun, 17 Jan 2021 21:34:52 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-fb-config-version-slb-prod_regional: 1116
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 04 Jun 2021 09:26:21 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "01cec90b8811389ab3de2d202e90a284"
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H3-29 200 _0FMPEc0nGG.png
www.facebook.com/rsrc.php/v3/y8/r/ Frame BB21 3 KB
3 KB 13ms
7ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y8/r/_0FMPEc0nGG.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ye/l/0,cross/trH3Te47Jv4.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

413df42b0bc720e5a3ebde9068fb24d838f9920d120386c7cf86b254f9f0aff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/ye/l/0,cross/trH3Te47Jv4.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: D7dEDHoOjQ4RRs7oxVwtiiLxFa4Elhh9faFR9gHmtegxx+EMoH6A2HBbkHznSwTzbBqTKBk8dB1c+zVGRzzCyA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 07Y+WidR60hZ1F1QEiIIWA==
date: Wed, 02 Jun 2021 18:04:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 3241
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Thu, 02 Jun 2022 18:04:50 GMT

GET
H3-29 200 n-uOOobFC9i.png
www.facebook.com/rsrc.php/v3/y3/r/ Frame BB21 3 KB
3 KB 9ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/n-uOOobFC9i.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/ph12ipM0DsW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/ph12ipM0DsW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 5R8HJLWP1tWM1LkvCpNSg8PCRn56O3aF6J+u4WsOVPEs2nKcgS7Be3dT5zRcWDZKFinokRGCfPv5e6vtXNpWvw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: FxoGPHP5kucUksTSZgXu4w==
date: Sat, 29 May 2021 20:06:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 3249
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Sun, 29 May 2022 20:06:05 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 363ms
16ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1395
date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 243ms
17ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1419
date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 81ms
22ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1179
date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 80ms
23ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 962
date: Fri, 04 Jun 2021 09:26:20 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 169A 134 KB
48 KB 70ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48419
x-xss-protection: 0
server: cafe
etag: 13744972075384101287
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 09:26:22 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame EAFC 2 KB
2 KB 1196ms
299ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.08797317364001667
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 765a7b3641e1f61ff0a8c2ad0f5aa22443711728f66e5f4e6a41ed7a0bc14c8e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 04 Jun 2021 09:26:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1473

GET
DATA 200
OK truncated
/ Frame EAFC 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/ Frame 169A 232 KB
86 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4866695676912380&plah=img.scupio.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87637
x-xss-protection: 0
server: cafe
etag: 15632250250964762239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 09:26:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/ Frame 17AD 10 KB
5 KB 46ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210601/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 03 Jun 2021 23:11:58 GMT
expires: Thu, 17 Jun 2021 23:11:58 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 36864
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F8D8 134 KB
47 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48419
x-xss-protection: 0
server: cafe
etag: 13744972075384101287
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 09:26:22 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame AA4E 2 KB
2 KB 1176ms
294ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.9481810445519727
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 12750d607b370ed81e9938a69036aab63b69a0324b068fc424fac87468561cf1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 04 Jun 2021 09:26:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1479

GET
DATA 200
OK truncated
/ Frame AA4E 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 169A 107 B
799 B 67ms
31ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=img.scupio.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4866695676912380&plah=img.scupio.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 169A 107 B
553 B 65ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=img.scupio.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4CDD 66 KB
22 KB 379ms
355ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=865550918&adf=3407277732&pi=t.ma~as.reurl&w=970&psa=0&format=970x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782435&bpp=7&bdt=1348&idt=95&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=402749091692&frm=24&ife=1&pv=2&ga_vid=274011366.1622798783&ga_sid=1622798783&ga_hid=909289244&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4230864728&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060957&oid=3&pvsid=120294165101910&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k104k7u72974&fsb=1&dtd=144

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4397ccd5bd5e56d3ac5c96d476a27fe3f369c82c4e6108c590f672a128f2a202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=865550918&adf=3407277732&pi=t.ma~as.reurl&w=970&psa=0&format=970x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782435&bpp=7&bdt=1348&idt=95&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=402749091692&frm=24&ife=1&pv=2&ga_vid=274011366.1622798783&ga_sid=1622798783&ga_hid=909289244&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4230864728&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060957&oid=3&pvsid=120294165101910&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k104k7u72974&fsb=1&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Jun 2021 09:26:23 GMT
server: cafe
content-length: 22662
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Jun-2021 09:41:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Jun 2021 09:26:23 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 169A 11 KB
8 KB 120ms
68ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210601&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8da96f910329466c4baa9d2c711598cdb66e3be5d5d2eb3ec77ba8be3e5344f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 169A 73 KB
28 KB 124ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 09:26:22 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame AA4E 83 KB
27 KB 61ms
13ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 09:26:22 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame EAFC 83 KB
27 KB 74ms
27ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 09:26:22 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/ Frame F8D8 232 KB
86 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4866695676912380&plah=img.scupio.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87637
x-xss-protection: 0
server: cafe
etag: 15632250250964762239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 09:26:22 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 169A 17 KB
7 KB 65ms
32ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 04 Jun 2021 09:26:22 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 344E 2 KB
1 KB 15ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=reurl.cc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2173
set-cookie: uid=f1e71277-9f9c-41ad-8b29-69ccd4b2a885; expires=Sat, 04 Jun 2022 09:26:22 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 04 Jun 2021 09:26:22 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame AA4E 83 KB
27 KB 75ms
33ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 09:26:23 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F1FC 2 KB
1 KB 18ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=reurl.cc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=f1e71277-9f9c-41ad-8b29-69ccd4b2a885
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3572
set-cookie: uid=f1e71277-9f9c-41ad-8b29-69ccd4b2a885; expires=Sat, 04 Jun 2022 09:26:22 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 04 Jun 2021 09:26:22 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame EAFC 83 KB
27 KB 46ms
42ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 09:26:23 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F07D 12 KB
5 KB 52ms
32ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 04 Jun 2021 09:25:00 GMT
expires: Sat, 04 Jun 2022 09:25:00 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 83
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4DC3 783 B
828 B 50ms
30ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40c69601e757a4c74ab42f91ed532b4ced185572637b85f08216b91483e0b686

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+aVZfB+Dg4XgAOtggE4hYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

expires: Fri, 04 Jun 2021 09:26:23 GMT
date: Fri, 04 Jun 2021 09:26:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+aVZfB+Dg4XgAOtggE4hYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame F8D8 107 B
122 B 52ms
50ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=img.scupio.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F8D8 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=img.scupio.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D432 75 KB
25 KB 359ms
350ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2811a5f53f5a1b131d4ac59e06e27ab7ff8f2045409442b2434a33ed150f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Jun 2021 09:26:23 GMT
server: cafe
content-length: 25943
x-xss-protection: 0
set-cookie: IDE=AHWqTUkj1ZpMZzc0S32KGTh8y29aaQMMO4wa_9PdRIr0AtF61HlHfbmDwF3WABjoP-Q; expires=Wed, 29-Jun-2022 09:26:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Jun 2021 09:26:23 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F8D8 10 KB
8 KB 48ms
41ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210601&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ea8aa21c390ea2d1e88cac584757b7943c36e6af9834635cbbba3bf007eba6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8094
x-xss-protection: 0

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8D8 73 KB
27 KB 98ms
90ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 09:26:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4CDD 3 KB
674 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=865550918&adf=3407277732&pi=t.ma~as.reurl&w=970&psa=0&format=970x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782435&bpp=7&bdt=1348&idt=95&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=402749091692&frm=24&ife=1&pv=2&ga_vid=274011366.1622798783&ga_sid=1622798783&ga_hid=909289244&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4230864728&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060957&oid=3&pvsid=120294165101910&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k104k7u72974&fsb=1&dtd=144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 08:57:39 GMT
server: ESF
date: Fri, 04 Jun 2021 09:26:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Jun 2021 09:26:23 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 4CDD 1 KB
909 B 13ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:23:31 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 4CDD 17 KB
7 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:25:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 4CDD 2 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:23:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:23:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CDD 121 KB
37 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 09:26:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 4CDD 13 KB
6 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:24:36 GMT

GET
H2 200 3b821d177d35ff0343c5a517c12ac1c9.js Show response
www.gstatic.com/mysidia/ Frame 4CDD 25 KB
11 KB 61ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 00:10:36 GMT
server: sffe
age: 147654
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10549
x-xss-protection: 0
expires: Tue, 31 Aug 2021 16:25:29 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F8D8 17 KB
6 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 04 Jun 2021 09:26:23 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 16C5 143 B
163 B 13ms
9ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=865550918&adf=3407277732&pi=t.ma~as.reurl&w=970&psa=0&format=970x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782435&bpp=7&bdt=1348&idt=95&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=402749091692&frm=24&ife=1&pv=2&ga_vid=274011366.1622798783&ga_sid=1622798783&ga_hid=909289244&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4230864728&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060957&oid=3&pvsid=120294165101910&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k104k7u72974&fsb=1&dtd=144
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=865550918&adf=3407277732&pi=t.ma~as.reurl&w=970&psa=0&format=970x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782435&bpp=7&bdt=1348&idt=95&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=402749091692&frm=24&ife=1&pv=2&ga_vid=274011366.1622798783&ga_sid=1622798783&ga_hid=909289244&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4230864728&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060957&oid=3&pvsid=120294165101910&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k104k7u72974&fsb=1&dtd=144

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 04 Jun 2021 08:36:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2965
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4CDD 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99b610031ecb212fba707a840442a8b88beb4b189c8a9854c41ee33599b42fd8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 5688 1 KB
1 KB 31ms
29ms Document
text/html 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/dVk4GD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.56
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CCA2021060417262327890; gx=H4sIAD9iumAA%2fxNmYGDg4ubY9mnX4tkXL1sKsAqxcNgLMAEAbCT6FxcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.56

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 04 Jun 2021 09:17:27 GMT
expires: Fri, 11 Jun 2021 09:17:27 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: 5L2mvUW8UEXjKAN8kKrqEKs-je4W8JYyRcOlfYU9ihgGbFAxckitMA==
age: 536

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 20EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0NBMjAyMTA2MDQxNzI2MjMyNzg5MA%3d%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0

0
551 B

1188ms
292ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C006
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

107ms
28ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/dVk4GD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Jun 2021 09:26:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Fri, 04 Jun 2021 09:26:23 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame 20EC 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.56&rl=&if=true&ts=1622798783592&cd[SBST]=17&cd[PuID]=reurl

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 04 Jun 2021 09:26:23 GMT

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame 20EC
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CCA2021060417262327890
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

1005ms
293ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date: Fri, 04 Jun 2021 09:26:24 GMT
Connection: close
Content-Length: 71
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 4CDD 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 06:30:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 269740
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 01 Jun 2022 06:30:43 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 4CDD 21 KB
21 KB 33ms
26ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:10:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 213357
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:10:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4D54 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 04 Jun 2021 09:25:00 GMT
expires: Sat, 04 Jun 2022 09:25:00 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 83
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2930 783 B
536 B 33ms
32ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

29793c0023ead6016bcc273ef4cac6b2f8be3649d53c85e5990795aab7a84757

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GkF/KN0S0WjBHlhnbEA91w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

expires: Fri, 04 Jun 2021 09:26:23 GMT
date: Fri, 04 Jun 2021 09:26:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-GkF/KN0S0WjBHlhnbEA91w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 6115 1 KB
1 KB 37ms
37ms Document
text/html 52.222.149.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/dVk4GD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-125.cdg52.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.56
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CNA20210604172623916971; gx=H4sIAD9iumAA%2fxNmYGDg4uY4MXvnktkXL1sKsAqxcNgLMAEA0RBA3RcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.56

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 04 Jun 2021 09:17:27 GMT
expires: Fri, 11 Jun 2021 09:17:27 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: 7LZb8eMxRxn8FpowFEkGlxBITBVbbsEqtEN3587s7_V6FMs9uqsRvw==
age: 536

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame AFCA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMTA2MDQxNzI2MjM5MTY5NzE%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0

0
551 B

1175ms
290ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPCkqKa2FmnqkL_rD-WS7jQ&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3246
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

61ms
31ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/dVk4GD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Jun 2021 09:26:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Fri, 04 Jun 2021 09:26:23 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29 200 /
www.facebook.com/tr/ Frame AFCA 44 B
90 B 11ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.56&rl=&if=true&ts=1622798783713&cd[SBST]=17&cd[PuID]=reurl

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 04 Jun 2021 09:26:23 GMT

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame AFCA
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA20210604172623916971
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

976ms
293ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date: Fri, 04 Jun 2021 09:26:24 GMT
Connection: close
Content-Length: 71
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H3-29 200 7da1cfc87e9de3403a645020146a5422.js Show response
www.gstatic.com/mysidia/ Frame D432 7 KB
3 KB 32ms
27ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7da1cfc87e9de3403a645020146a5422.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf1248f78e9ad948b18a84ed85d2f8299b63b5257e7bb3f76b97bd9baa6becad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 16:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 00:10:36 GMT
server: sffe
age: 147655
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3114
x-xss-protection: 0
expires: Tue, 31 Aug 2021 16:25:28 GMT

GET
H3-29 200 4a4a52212b1e07d0c716af620cc0742e.js Show response
www.gstatic.com/mysidia/ Frame D432 8 KB
3 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4a4a52212b1e07d0c716af620cc0742e.js?tag=text/vanilla_rda_animated_cta

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8960c86d19e8f6c8fcd5ecb7f3e6b2b38b5f06ac7e0c92dba047cd3f98dc0ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 23:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3442
x-xss-protection: 0
last-modified: Thu, 27 May 2021 01:51:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Aug 2021 23:50:12 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame D432 3 KB
578 B 52ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 09:00:44 GMT
server: ESF
date: Fri, 04 Jun 2021 09:26:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Jun 2021 09:26:23 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame F07D 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 08:41:22 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame D432 1 KB
909 B 11ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:23:31 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame D432 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:25:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame D432 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:23:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:23:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D432 121 KB
37 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 09:26:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame D432 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:24:36 GMT

GET
H3-29 200 3b821d177d35ff0343c5a517c12ac1c9.js Show response
www.gstatic.com/mysidia/ Frame D432 25 KB
10 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 00:10:36 GMT
server: sffe
age: 147654
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10549
x-xss-protection: 0
expires: Tue, 31 Aug 2021 16:25:29 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 16C5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
23ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkj1ZpMZzc0S32KGTh8y29aaQMMO4wa_9PdRIr0AtF61HlHfbmDwF3WABjoP-Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Jun 2021 09:26:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 04-Jun-2021 10:26:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Jun 2021 09:26:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Jun 2021 09:26:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame AD4B 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 08:41:22 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF95 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkj1ZpMZzc0S32KGTh8y29aaQMMO4wa_9PdRIr0AtF61HlHfbmDwF3WABjoP-Q; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 04 Jun 2021 08:36:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2966
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8E8D 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 04 Jun 2021 03:04:19 GMT
expires: Sat, 05 Jun 2021 03:04:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 22925
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C006 31 KB
10 KB 48ms
31ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60855
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9301
Expires: Sat, 05 Jun 2021 02:20:39 GMT

GET
DATA 200
OK truncated
/ Frame D432 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96a69f40340d87a8924a337182cc838c1990fff481a1559e905e0b4fa1153658

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3246 31 KB
10 KB 39ms
37ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60855
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9301
Expires: Sat, 05 Jun 2021 02:20:39 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D432 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 06:30:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 269741
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 01 Jun 2022 06:30:43 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D432 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:10:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 213358
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:10:26 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C006 284 B
536 B 135ms
31ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D54 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 08:41:22 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3246 284 B
536 B 123ms
33ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET /
google2waycm.netmng.com/cm/ Frame 8E8D 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E8D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGEqcqQCgjpTmSzZyPWKRnc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGEqcqQCgjpTmSzZyPWKRnc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NDlQamduNGMxTFA2NVc1&google_gid=CAESEGEqcqQCgjpTmSzZyPWKRnc&google_cver=1&google_push=AQvitUIYrKOJYy00oUS0q9lnHP2kv9hFDunjNhMj0DWALhk...

170 B
188 B

46ms
45ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NDlQamduNGMxTFA2NVc1&google_gid=CAESEGEqcqQCgjpTmSzZyPWKRnc&google_cver=1&google_push=AQvitUIYrKOJYy00oUS0q9lnHP2kv9hFDunjNhMj0DWALhk-lUbeeihswFf0kFKcf03Couxqrko3BqAH8YPzaRKo6-Oir5GgzN0D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 09:26:23 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-04527eea692282deb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NDlQamduNGMxTFA2NVc1&google_gid=CAESEGEqcqQCgjpTmSzZyPWKRnc&google_cver=1&google_push=AQvitUIYrKOJYy00oUS0q9lnHP2kv9hFDunjNhMj0DWALhk-lUbeeihswFf0kFKcf03Couxqrko3BqAH8YPzaRKo6-Oir5GgzN0D
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8E8D 0
191 B 111ms
31ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDtsItXxCbD37zcSqlzYBmA&google_cver=1&google_push=AQvitUI0MTz3B-uZMjV40plbmSKkR8DTKIedMR6DmHodrFlrFdLCokYaopyUWCbtPPOyDq_vZBCpj0_ydXhFoo0PAEoFD8gcPtWz
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:24 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E8D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESENHmGwbIz8KxMNDMHGd4Mn0&google_cver=1&google_push=AQvitUKkpYc5KV1VATvF8WQ1RIyW6k-cumiylhJcHK5ec3xQLYsU043L0E6XVn6QWfe6PWyNt7bS7E99MHglphCDc_ccg2M...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENHmGwbIz8KxMNDMHGd4Mn0&google_cver=1&google_push=AQvitUKkpYc5KV1VATvF8WQ1RIyW6k-cumiylhJcHK5ec3xQLYsU043L0E6XVn6QWfe6PWyNt7bS7E99MHglphCDc_ccg...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKkpYc5KV1VATvF8WQ1RIyW6k-cumiylhJcHK5ec3xQLYsU043L0E6XVn6QWfe6PWyNt7bS7E99MHglphCDc_ccg2Ml2Xh4

170 B
188 B

45ms
45ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKkpYc5KV1VATvF8WQ1RIyW6k-cumiylhJcHK5ec3xQLYsU043L0E6XVn6QWfe6PWyNt7bS7E99MHglphCDc_ccg2Ml2Xh4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKkpYc5KV1VATvF8WQ1RIyW6k-cumiylhJcHK5ec3xQLYsU043L0E6XVn6QWfe6PWyNt7bS7E99MHglphCDc_ccg2Ml2Xh4
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E8D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEonGRDrN1O41H0R5uIF_9U&google_cver=1&google_push=AQvitUL3KssD2s-pc8yBj2SmDEZBcBZRJb9kypmAawj53-5kY0Z5xuKZYwO1Y7pByI1z0Y3pzIR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BJNEhWWlAtSy1BRTI3&google_push=AQvitUL3KssD2s-pc8yBj2SmDEZBcBZRJb9kypmAawj53-5kY0Z5xuKZYwO1Y7pByI1z0Y3pzIRgOcZbAN1jXXH0Jpyqp0YJ0JkB

170 B
188 B

47ms
46ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BJNEhWWlAtSy1BRTI3&google_push=AQvitUL3KssD2s-pc8yBj2SmDEZBcBZRJb9kypmAawj53-5kY0Z5xuKZYwO1Y7pByI1z0Y3pzIRgOcZbAN1jXXH0Jpyqp0YJ0JkB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BJNEhWWlAtSy1BRTI3&google_push=AQvitUL3KssD2s-pc8yBj2SmDEZBcBZRJb9kypmAawj53-5kY0Z5xuKZYwO1Y7pByI1z0Y3pzIRgOcZbAN1jXXH0Jpyqp0YJ0JkB
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E8D
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMRqppqDK9JrGoB8kXMscdU&google_cver=1&google_push=AQvitUIQu3IkGxB3SJZzNtAZluyhkdlTFhs2G7yG2cSpCesWXiZdW-JosUOWqDodiV5U1Jm6PGJQFdFuFzKjlEe2owIjtJfyXFpz
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUIQu3IkGxB3SJZzNtAZluyhkdlTFhs2G7yG2cSpCesWXiZdW-JosUOWqDodiV5U1Jm6PGJQFdFuFzKjlEe2owIjtJfyXFpz&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwNzc1MDU4ODQ2MDY3NzEyMDY%3D&google_push=AQvitUIQu3IkGxB3SJZzNtAZluyhkdlTFhs2G7yG2cSpCesWXiZdW-JosUOWqD...

170 B
188 B

46ms
46ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwNzc1MDU4ODQ2MDY3NzEyMDY%3D&google_push=AQvitUIQu3IkGxB3SJZzNtAZluyhkdlTFhs2G7yG2cSpCesWXiZdW-JosUOWqDodiV5U1Jm6PGJQFdFuFzKjlEe2owIjtJfyXFpz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwNzc1MDU4ODQ2MDY3NzEyMDY%3D&google_push=AQvitUIQu3IkGxB3SJZzNtAZluyhkdlTFhs2G7yG2cSpCesWXiZdW-JosUOWqDodiV5U1Jm6PGJQFdFuFzKjlEe2owIjtJfyXFpz
date: Fri, 04 Jun 2021 09:26:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 8E8D 43 B
396 B 64ms
28ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEJuWx7WhbQMGgQUpGDRUrAA&google_cver=1&google_push=AQvitUIQ0AYQVHidUPflyzYZ8ViYQeAsDkrOj_q_HFqQbO7wvTT-MQu99Pocr6v_2yBquwS7-2LiunBUmLfAgUiAoW69VpiWRYztJw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 05 Jun 2021 09:26:24 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 8E8D 0
12 B 68ms
66ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2TToQt2fj7lxn5Ye5BlnyG-ifv2TlMgUXq7o-cOOQafRBAOdVNKWZow9klCMUFh49t4TDIw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:24 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF95
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

31ms
21ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkj1ZpMZzc0S32KGTh8y29aaQMMO4wa_9PdRIr0AtF61HlHfbmDwF3WABjoP-Q; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Jun 2021 09:26:24 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 04-Jun-2021 10:26:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Jun 2021 09:26:24 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Jun 2021 09:26:24 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame BE2B 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=reurl&adk=2500528001&adf=3407277731&pi=t.ma~as.reurl&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2FdVk4GD&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622798782787&bpp=3&bdt=1858&idt=401&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6719037076985&frm=24&ife=1&pv=2&ga_vid=960483536.1622798783&ga_sid=1622798783&ga_hid=1788331782&ga_fc=0&nhd=2&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2168095294&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1345593370481673&loc=EMPTY&top=https%3A%2F%2Freurl.cc%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.34eemjjfko42&fsb=1&dtd=435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 08:41:22 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4CDD 42 B
64 B 24ms
22ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0bhVnFHTM0In09RQ9dKcYh9zuRUorDJSuYHF5PrjzzIE1npjWO3DvYXQkwOuXXf1UJXc95NtoxyMbfPRa0J0blwxZhY1PS4O_1BELKd4lUqUmV_9Kv5Fez6o5MQ&sai=AMfl-YSe711lbGNu3Lt-LAiclepiFvuHKB7k6Xm0Lxp0aeSjzm-LSxMrrHFyOLeePMtwcUXl_72-WC8ayeph&sig=Cg0ArKJSzJF59BPrkB_KEAE&id=lidar2&mcvt=1023&p=0,0,250,970&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=865550918&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622798782671&dlt=498&rpt=258&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 169A 0
20 B 22ms
22ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210601&jk=120294165101910&bg=!S0ilSAzNAAY6sG-_OrA7ACkAdvg8Wp6fEe4GOqB5Qnn2obarkmnjFUfQMgeCRcap1S7E1ec2ii0fSwIAAAN_UgAAACloAQcKAIy68Ti4FxeBDhIPwRhZU1UuA518mGOEGoNtvojGt1GkfB-eXaBvFJDBaGIK5J5G6yGjr1pRyXUaXZPYAzWin8UKDS1aofXQkkC-2oap_ikqytYOD4HdGUnECGGV76LE8VTnO36mDWCaha3xmbCUykpM6CslwXk1KBZJEQ-ODzEavhGMlKLoIl7GM_S12ZkCbJ5W8guDkJDgPAJIsX1FMJzvjIaRzY6IZDO67ZBkgDQ_rfgneFhZxnJBzeFksu6lGltX8GOfySi7n3WnWjkUE7gOOJxdWFx6lCUensHhpBZEO3O3KusNM35c0GUp1i8K6S1yPWbf3xXAJbIoNprxYZfTM3SyZjt67xoD9R4AHlPwODpfcN1fSB9J4yCPlgHGZ9Acm5f5ORhF3YLwmE7o0uRh1SmX2hfdyRnIQ0YvVxVIzNbcQlwb923ajNvy8T33bRosxZ4K67bVajFcsZ6vvhejioVUuyr3O_05B6NB8yMzsFJKN32bDgIWL3ewz-vm_I4VezzPgOYedK7u8hRuP2N81LR_kwWSClxMJ2csd9kxq9_pFFwmhyH2ywzEXr-ji_hJSq88NSaPnAlx9WKdASCD9X8DKIrDcFuzKK-mHQ4PaG4cVmdNPjlsMCpAyXRzx_-Ac1UlTFUa6FnfB1C7INo9VVrLs_NfX4RHNztCCEcfXz81KQr-b8q-TTvWpQ4VWQUBnSh-Egfg12U7p9STgiQANJXsoPLfD1gcE2BH4SPA03C5WgduLy76BpPgKtUMfBOQum9-gLyLhmNYsmtfgsRgT65do1iWZH3_QVk9WkBVwy32N-aX6g5ScNFtu8bvrLw86nCwQwZJuKSR266HZ9jEzWZsqHZDVyafzOIJ_5xfDm7jNV5eVyYzr3bpV4nTbLk7WYeIFTOsHy5-pzcZj4OYlJlxLVTHe0a-fiyu7DMmpYbfdWfgvvGRfidhwnq_SktfVPWuSJzEoeHqIYzfqxYd0kx3lway9khkmtMvehUJx9nDCFQ51sUKU2Tb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8D8 0
20 B 24ms
23ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210601&jk=1345593370481673&bg=!vr2lvfnNAAY6sG-_OrA7ACkAdvg8WlyZY6EgtRBq7724iVX-JLh3Ay6VcNhoiXVeULzWiWkcEQyEmwIAAAI6UgAAABJoAQcKAOzXOA4hNY6wJdCDLu9FnPzyPBt8hUD8eNjVuezKCKqsRsdYulB_BwsHZTzXs-K-Id4l6AmUW1oDxwRIqWhtfLMj8jLYBxo-TAL7n4093D1x26faG8QvfRdnyhDXm34EW9t52VVmgummwUotN1CErgXr2b94znVpJKG38LTy2bBLeOR5xF5ZZvTeWHNJ8E5nJ3KnpUUnGh0-rtoDl0UNsmvSIKQqG-e8nyjlt2ipeRHcT7_b8SO5hBEG2AloMiDTafOoIux9TnpPnZYfX5FMq-4F-4vXvD7NiEp4f9_IiZ8RLq98thNg8Sh5tUx7ZJkCcOCLKakfFLQQmSOi34wTy0ANFBWilasbaV4EZ2evchMVDk-PwtZKHvohyTLbGEpf5uyVRmtUstuuNGDZskw_j4dUmLnzGuqLcQ8SCmZE0kylQUQlCsjzgBvZ3A51Jn1QJsmlqPlGRkRQODoESgOqv6XRPUXwCat6fGL_rQR02Qu1G_oAFiB_EgB8YWzNsSatvrX22ed_q7jmsKgEsSTlWLK3P0Fhuv6i8zeU5duHx7SUj08U7NtrYV5VhkCB-JygkADVUxolpwoWfD3aKXSQVPCxjqSctYXsgTl-qmKXQB0tk_ZmCLloVdghFQvWVxjoLOJBTca54J5fP2OflzYyH7ichb2D4yBvWg-QdemUt61ARNHmU9oJuf5HcS1LaQUvBB87lMRNP4b-qYirJu_RqOBrNjY_8VJTn9THc4StaFGcKYYzCfdhrPWinh3GbudJT3TH1NouuTSoVp2aAj8uCLDoYEqOfSCfaNo_bTSAVUE29bI86Pp9bpZhmUgWT4G1WuTUJeYglt5nY_lWmOS7T8JAsdUTrdOjctIi05UJgZ9ejDeTy8xvyAECMknA0-SY-cwZ5CJHxRKVzREIrJLq7XiV_EAq30Dd7fQWHampceG52tDVrGZ42Xpg3qnGbhedYsDrLmO-mcTkDEFACEnDaHlmL5BA3dpTKtinRoGespo4Dbg64gVFFIz9i5rMteqmGhGT_F77-yTgLkNJb5jmOjXLxcrhu-_9wdtanmkEPSah8HYIKv3YoSRQ4xhPhzKN1jN9pgwcw0eP6FASTT4vG8mHRz0M5z4_ZAFs2bGwcB7d_egYfrVYneENJwnK5OrK_g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame EAFC 35 B
266 B 327ms
110ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:25 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame AA4E 35 B
266 B 323ms
110ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 09:26:25 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2

200

cm
c.holmesmind.com/ Frame AA4E
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

123ms
121ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 09:26:25 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 04 Jun 2021 09:26:25 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D432 42 B
64 B 28ms
27ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9N86pc-x9xqiJtyXwKbl-ihescCfr2X88t8_H6lWkiw4JUf3OD3Ab94h9ZJ7DlfrzfylbAeKF1NxJuZWEZA_n3hKFF3MYxJMPWIuTAwHQxeACZM4Jy_ndE92Icw&sai=AMfl-YRE0JLAdQmGh2oYQo_c65ZUhPCaNy1LJ067FZYelQI-XAtQKEVI5ol8--ot_fYiEcW5-S0Xm_JZlzqduXjC5l4CZMKj7zstAqE&sig=Cg0ArKJSzPdDNyJm64SkEAE&cid=CAASF-RodPniNDc-kPg7kVwZe1qMIXqgfYTr&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2500528001&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622798783225&dlt=446&rpt=330&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 09:26:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESENdnGFaLiI2hZOANKilDdCA&google_cver=1&google_push=AQvitUI9E6c_UQ1UWfPMVyDjl_5BxJUflPeNoJHonKS-pfHtH4vE0L07sUtSvTx5iEOmNqcqINSj9Qr9DmhvNcW568VTkxE6Hso

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.facebook.com/rsrc.php/v3/yg/r/auXEUCWHUDu.js?_nc_x=Ij3Wp8lg5Kz(Line 56) Message: ErrorUtils caught an error: Minified invariant #11797; Params: 113 [Caught in: Module "VisibilityListener"] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.holmesmind.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.de
agent.aralego.com
ajax.googleapis.com
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.aralego.net
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
eb2.3lift.com
eus.rubiconproject.com
external-frt3-2.xx.fbcdn.net
fonts.googleapis.com
fonts.gstatic.com
geo.yahoo.com
google2waycm.netmng.com
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
img.scupio.com
mug.criteo.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
reurl.cc
s.yimg.com
s0.2mdn.net
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
secure-assets.rubiconproject.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
google2waycm.netmng.com
www.facebook.com
103.132.192.30
104.111.230.142
162.210.196.208
178.250.2.131
178.250.2.146
18.193.131.224
192.96.200.41
2.19.35.65
210.59.219.175
210.59.219.180
210.59.219.181
212.82.100.146
213.155.156.169
216.58.212.130
2606:4700:20::681a:567
2a00:1288:110:c204::b000
2a00:1288:80:800::7000
2a00:1450:4001:800::2001
2a00:1450:4001:803::2006
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
3.121.70.57
35.190.35.45
35.194.141.193
35.201.76.93
52.222.149.125
54.178.71.123
66.155.71.25
69.173.144.165
0496a160f4acf2038b8d7dc42cea0eac9d3419609bbaabc3849ea00c15b4a9c3
04bb1699b5fb03957a5a790ba42f967b739ce65d8e353f229c6889685f720dfd
0b644ab453a03ae40738155b876e8f965980cdd687873809574e654a6322ad3d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344
0e506b9395a125059837070b587655f684aced42b25fb2c836b387ed1a621853
0f339cf9e117cb1612e7079c0a02fcc2ef26d9ffc19c93d0370d10bf81bb714f
0f783a947b0e1f22b2f0460631e207543de7e70a3652a21d1756debbc982313e
107dedf2466d7c482f36f2b4cd22b1cc9b54904b2aaa9f0dac91be3cdb5b162e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
12750d607b370ed81e9938a69036aab63b69a0324b068fc424fac87468561cf1
1334a2f1eb9d5c5bdf072a5fd9eef06d1a227c7089059a0b8b2573e942e5c7f9
136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858
14d050ca7cd307f53e86dfa07664029c4554d13997a250625e59251edaee3618
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a5ccc70cf48628d26dc3088445f2bef87a16277341aaf2d5aaa3b45f03b5291
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2
23af0beb38a4c0a0b12de8e85c5b196e01f9c434bd74503fa2a399ade84f4e2e
25355805f44af99037c6b951f9afd762f5fd74eb126aba4b2f82cafa563c0f90
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
29793c0023ead6016bcc273ef4cac6b2f8be3649d53c85e5990795aab7a84757
2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
351b107c8d7d896a7ee4918745828df5193947588f3402501c95b61b20fb07a5
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407844bdddf476cc18f80188a3fb73350b6046fd1eaf47a0b9f7d72bacd2b9e5
40c69601e757a4c74ab42f91ed532b4ced185572637b85f08216b91483e0b686
413df42b0bc720e5a3ebde9068fb24d838f9920d120386c7cf86b254f9f0aff1
419334094b5a8ead2d743bc8e533067b554288faebc143645ca7d8c89f130533
4397ccd5bd5e56d3ac5c96d476a27fe3f369c82c4e6108c590f672a128f2a202
4402f4de4890a32a86c7ff5aa64e88ef55ef450a757094c6f078a78bb7e85462
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
46d2d8aa76374bad68b27aff870970ca15ff5f1ab3389f2327f21f073ddf521a
47b5e303447c7681ce1b2242f23699f94c0709da3aa5016ec1c8f6d7efcad1c5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4d1eafa1b94840894935f7028573d0c76366686c3b684b688b89473327f41519
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4eef62c77a19b7d9fb6f894cfa0e7757e0a3bf2936c1af0d330a9e409914bde0
56766cebd19e526d59965412d4744818753abe2b9030407f0580eeaf029fff33
57bc7f6f10d35d472b0f7d2295e374ad21206182b6287f3bc65d2d165cd226dc
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5dad3ee09fe3607e9ddbaed8c69bd848327b5a05e5d36993e751f7a6f89edff4
5e2a05c6eea350731529c9f67503f4728eaa971f74f3657faa3e00af27744058
5ea8aa21c390ea2d1e88cac584757b7943c36e6af9834635cbbba3bf007eba6e
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60ceacc7a24e51411b9a6f487a4e1da9f4144e270e232b6de52e5b77bca22c12
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
676b08b58a83b85d935259990e459dbb39d53b7709eecb0fa42c8c3b60d17e96
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6917fdd9f56a9efd711d531cafe83a0c907bdb77ceb712bbcc0778d3b25cd4da
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b64f5bc28886025d0249793131aab1cf4a02c6b799543e2a74bc8047ead1b41
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74366a8c8cb4b32e1195a4a39f6d5425abaedf34fbda3afd682162ce14741b61
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
7631df25a6c91e5968fe75cd7a4abfde21a1f4e574bfb7e04b659491d4a08e2b
765a7b3641e1f61ff0a8c2ad0f5aa22443711728f66e5f4e6a41ed7a0bc14c8e
7b38f96f67bd52a3246d0ff5fa5f5278b45451be77e8dd1e4b94b4e6135f2018
807dbe67096ff3e547c4d0f97508ece342dc775a3c28139330218d45eec16e4b
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
8857d647f96ba04fd5a24e7a547aad036614a57dfa575d850f3fd6fe2694b35f
8da96f910329466c4baa9d2c711598cdb66e3be5d5d2eb3ec77ba8be3e5344f7
8e9eed57a396170f31d7050a1270005f50b3546ca94bec5a39598cc5da32a994
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd
92ce8008dfa52e912fea1f1700570804a13891cfbc24c71cc3a2e51244ff6d78
96a69f40340d87a8924a337182cc838c1990fff481a1559e905e0b4fa1153658
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
99b610031ecb212fba707a840442a8b88beb4b189c8a9854c41ee33599b42fd8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b370cabd0a1eb2a84f141e430743bc9721d08dd92c9a4a53b245b48a6147d44
9e51e7c1f2f3bd86cc3e9dcd1ad5403db927f32533f0a8b29bc15f11b40c6376
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8960c86d19e8f6c8fcd5ecb7f3e6b2b38b5f06ac7e0c92dba047cd3f98dc0ed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a
bf2811a5f53f5a1b131d4ac59e06e27ab7ff8f2045409442b2434a33ed150f83
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe
cf1248f78e9ad948b18a84ed85d2f8299b63b5257e7bb3f76b97bd9baa6becad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d175d400e6415cd2d5a76e744971ca96e79124b57fe873d184b93837d9dfe681
d37a6901619ec42190ea9b36e153de71fab7719be09fea13f77d577560d8a789
d59912fcad926b847aa253d75a11fb06fcdad5dec272527873b5b9e9083e4e2a
d7c2a1123a318a031d8d2789689dce160809315e81c2729bca8f5846acbab759
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
da7d345dcfcc4cee313130c409b3d07f8103f60c37dfbfe268a34d1701aece06
dbde7ec353223db1942bd8d3311dc22170385545793c142ad2fd75723fdf2ec9
e1bf03d4218f9d45f25ffaa10571bb9a8513954bf8cf18f29516b96549158405
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a27c83c2b60d3173b7e82d9d84b1902033c6155fa7173a59561bf489857777
e81e7b7654b1765c05988edeac521085a6190289bea00ddb3c9117122e54132a
e913d0c8195023fea768aa63161cfe870b077cd360806e3905002e74acc7423e
eb5d31a04ce21340bc2d16eeec4397ad34738a863fc997b2393b618f4bc55d2d
ec98f88129d5c3180c878d70ae27ffcdf7907737e4d2e82ec41b6f81fe1cd8ea
ed363ffaf32a62cf0b6216e113f90b906cf3396498cc97c1136a3a3610599f00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
fa50447f38e14580ea8bd2047698d6bace11f5631ea3e5980e8a96e5ff3bef38

reurl.cc Open in urlscan Pro 35.194.141.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

193 Requests

99 %HTTPS

54 %IPv6

30 Domains

53 Subdomains

45 IPs

9 Countries

2411 kBTransfer

7309 kBSize

0 Cookies

11 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.194.141.193 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

99 %
HTTPS

54 %
IPv6

30
Domains

53
Subdomains

45
IPs

9
Countries

2411 kB
Transfer

7309 kB
Size

0
Cookies

193 HTTP transactions
5 data transactions