urlscan.io logo urlscan.io
SecurityTrails logo

henrys-financial-notes.odoo.com Open in urlscan Pro
104.199.209.126  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://reurl.cc/eDo2oR
Effective URL: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Submission: On October 11 via automatic, source links-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 104.199.209.126, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is henrys-financial-notes.odoo.com.
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.
This is the only time henrys-financial-notes.odoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
4    34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.32.99.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-118.fra60.r.cloudfront.net
openfpcdn.io
2    35.194.205.218 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.205.194.35.bc.googleusercontent.com
f.reurl.cc
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    104.199.209.126 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 126.209.199.104.bc.googleusercontent.com
henrys-financial-notes.odoo.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 odoo.com
henrys-financial-notes.odoo.com
1 MB
7 reurl.cc
reurl.cc — Cisco Umbrella Rank: 278473
storage.reurl.cc — Cisco Umbrella Rank: 426555
f.reurl.cc — Cisco Umbrella Rank: 478492
3 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
86 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
1 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 17861
14 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
28 8
Domain Requested by
13 henrys-financial-notes.odoo.com storage.reurl.cc
henrys-financial-notes.odoo.com
4 storage.reurl.cc reurl.cc
2 fonts.gstatic.com fonts.googleapis.com
2 f.reurl.cc storage.reurl.cc
2 connect.facebook.net storage.reurl.cc
connect.facebook.net
1 fonts.googleapis.com henrys-financial-notes.odoo.com
1 www.facebook.com reurl.cc
1 openfpcdn.io storage.reurl.cc
1 www.google-analytics.com storage.reurl.cc
1 reurl.cc
28 10

This site contains links to these domains. Also see Links.

Domain
reurl.cc
www.odoo.com
Subject Issuer Validity Valid
reurl.cc
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
storage.reurl.cc
GTS CA 1D4		 2023-08-18 -
2023-11-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-20 -
2023-10-18		 3 months crt.sh
openfpcdn.io
Amazon RSA 2048 M01		 2023-01-25 -
2024-02-24		 a year crt.sh
f.reurl.cc
R3		 2023-09-26 -
2023-12-25		 3 months crt.sh
*.odoo.com
R3		 2023-08-13 -
2023-11-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Frame ID: 009B25BE5460F147FE960EA49F0C8FA2
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

​信用卡 | Henry's Financial Notes

Page URL History Show full URLs

  1. https://reurl.cc/eDo2oR Page URL
  2. https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1536 kB
Transfer

4430 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reurl.cc/eDo2oR Page URL
  2. https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
eDo2oR
reurl.cc/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/eDo2oR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b88f7b92b96214ec0e70933a1e7f1a30022a6f2c704f9e2277f2218aecbad06f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 11 Oct 2023 15:33:48 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
vary
Accept-Encoding Origin
x-request-id
0ae63bc1-e686-441b-ab3e-b0572a6e9a36
ga2.js
storage.reurl.cc/javascripts/ 		536 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/eDo2oR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/eDo2oR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 08:20:19 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
26009
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
3b01250c-3ee2-431b-9779-f33e3f80f36f
pixel.js
storage.reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/eDo2oR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/eDo2oR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 11:19:43 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
15245
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-request-id
8d58a520-17ce-4b85-af50-db63a4f35f6f
redirect.js
storage.reurl.cc/javascripts/ 		112 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/redirect.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/eDo2oR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/eDo2oR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 10:21:49 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
18719
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-request-id
8ea6c0c8-3d47-45a9-9807-9e58194c233a
view.js
storage.reurl.cc/javascripts/ 		355 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/view.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/eDo2oR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
fad41bf43b95675bd3f74f2194dcd5efc947245f44f7cf2437b22724fd41159f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/eDo2oR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 08:43:51 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Sep 2023 09:16:51 GMT
age
24597
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
355
x-request-id
9359e0e6-8ae6-407f-b8c4-8a92f97f6e1d
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/eDo2oR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 11 Oct 2023 13:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6135
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 11 Oct 2023 15:51:33 GMT
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/eDo2oR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 11 Oct 2023 15:33:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53364
x-xss-protection
0
pragma
public
x-fb-debug
fmu17D5v4YhWY/6EX3XgQOnGk5nw2kttisq5bVeZ2TnzFdvtrtwdbuJ9nJBFQgxEtII58E+OigZtGMSKGjWOkQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
v3
openfpcdn.io/fingerprintjs/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/view.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-118.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 11 Oct 2023 13:45:55 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
6473
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
CloudFront
etag
W/"hurxpFJ1hzJm8rhSSUCMgpelT2E"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=634503, s-maxage=10880
x-amz-cf-id
E95KEv1mntpC2thcdDjuaT9aZCqCJqwlabYWvb24eBi8Uc69mSNuCw==
1675200226052423
connect.facebook.net/signals/config/ 		124 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.133&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2287034fc37ea62ea5ac85409f0d5704a928af2f446434d8b08b6899cfd25f41
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/eDo2oR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 11 Oct 2023 15:33:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33571
x-xss-protection
0
pragma
public
x-fb-debug
bd1ENn3jTNIdYrqRrl9b4s/cLRlFzc/H6FLTTLY7F6KL2ZJMlVb/I925vRpJnFIKLSu+QNQSg2fROPWhCz8jwQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
count
f.reurl.cc/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.reurl.cc/v1/count
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.205.218 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.205.194.35.bc.googleusercontent.com
Software
nginx/1.25.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://reurl.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, User-Agent
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://reurl.cc
content-length
0
date
Wed, 11 Oct 2023 15:33:49 GMT
server
nginx/1.25.2
count
f.reurl.cc/v1/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.reurl.cc/v1/count
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/view.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.205.218 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.205.194.35.bc.googleusercontent.com
Software
nginx/1.25.2 /
Resource Hash

Request headers

Referer
https://reurl.cc/eDo2oR
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 11 Oct 2023 15:33:49 GMT
server
nginx/1.25.2
access-control-allow-headers
Content-Type, User-Agent
content-length
0
access-control-allow-methods
POST, OPTIONS
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1697038429081&sw=1600&sh=1200&v=2.9.133&r=stable&ec=0&o=28&fbp=fb.1.1697038429077.639883537&cs_est=true&pm=1&hrl=4dafc4&ler=empty&it=1697038428946&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/eDo2oR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 11 Oct 2023 15:33:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
Primary Request xin-yong-qia-4
henrys-financial-notes.odoo.com/blog/ 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/redirect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac84fd928144c882de2a2955ca061773a7bf3ad65294d6b7a58f128a4d22a196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff

Request headers

Referer
https://reurl.cc/eDo2oR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 11 Oct 2023 15:33:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
fontawesome-webfont.woff2
henrys-financial-notes.odoo.com/web/static/src/libs/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Origin
https://henrys-financial-notes.odoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:50 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 May 2023 13:09:32 GMT
server
nginx
etag
"6475f58c-12d68"
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://henrys-financial-notes.odoo.com
cache-control
max-age=86400
accept-ranges
bytes
content-length
77160
expires
Thu, 12 Oct 2023 15:33:50 GMT
web.assets_frontend.min.css
henrys-financial-notes.odoo.com/web/assets/477-7104720/1/ 		755 KB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/web/assets/477-7104720/1/web.assets_frontend.min.css
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
afda7cef2f076f87d109b72fa1ec3d843a2767257814c827fdc492cecf8d689d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:50 GMT
content-encoding
gzip
last-modified
Wed, 11 Oct 2023 15:23:03 GMT
server
nginx
etag
W/"6526bdd7-bcb09"
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000, immutable
content-disposition
inline; filename=web.assets_frontend.min.css
expires
Thu, 10 Oct 2024 15:33:50 GMT
web.assets_frontend_minimal.min.js
henrys-financial-notes.odoo.com/web/assets/424-c8adffe/1/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/web/assets/424-c8adffe/1/web.assets_frontend_minimal.min.js
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3929dbdc3d11a19bc06aa6e6c86d16eed7315db164de93fd23c99ab065337793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:51 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2023 13:10:39 GMT
server
nginx
etag
W/"64e6054f-5c13"
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
content-disposition
inline; filename=web.assets_frontend_minimal.min.js
expires
Thu, 10 Oct 2024 15:33:51 GMT
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i&display=swap
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/web/assets/477-7104720/1/web.assets_frontend.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25a2b2883e101f8092e78fba2f4fcc40cac3339957cb1bf95011895ae7db0fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Oct 2023 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 15:31:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Oct 2023 15:33:51 GMT
20230730072426-4c7495.png
henrys-financial-notes.odoo.com/web/image/389-d39ff418/ 		287 KB
288 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://henrys-financial-notes.odoo.com/web/image/389-d39ff418/20230730072426-4c7495.png
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
048d6b500160e64ea78f1fa957bb24e112d749444955d214c8bddbdd07f2b626

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:51 GMT
last-modified
Sun, 30 Jul 2023 07:24:26 GMT
server
nginx
etag
"64c6102a-47dd8"
content-type
image/png
cache-control
public, max-age=31536000, immutable
content-disposition
inline; filename=20230730072426-4c7495.png
accept-ranges
bytes
content-length
294360
expires
Thu, 10 Oct 2024 15:33:51 GMT
ubot_banner.png
henrys-financial-notes.odoo.com/web/image/380-194f0e1b/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://henrys-financial-notes.odoo.com/web/image/380-194f0e1b/ubot_banner.png
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e8c6664048458529987d6359761c24b21840bd07ae41c1bddf3ea815faf93b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:51 GMT
last-modified
Sat, 29 Jul 2023 08:46:48 GMT
server
nginx
etag
"64c4d1f8-10b2"
content-type
image/png
cache-control
public, max-age=31536000, immutable
content-disposition
inline; filename=ubot_banner.png
accept-ranges
bytes
content-length
4274
expires
Thu, 10 Oct 2024 15:33:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://henrys-financial-notes.odoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
473219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://henrys-financial-notes.odoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 13:37:19 GMT
x-content-type-options
nosniff
age
352592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 13:37:19 GMT
odoo_ui_icons.woff2
henrys-financial-notes.odoo.com/web/static/lib/odoo_ui_icons/fonts/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/web/assets/477-7104720/1/web.assets_frontend.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5eb42487e8c1c734fe28132067e4ca6bd3a8616b8b0f9898a415bfedee320f50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://henrys-financial-notes.odoo.com/web/assets/477-7104720/1/web.assets_frontend.min.css
Origin
https://henrys-financial-notes.odoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:51 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 09 Jun 2023 11:03:13 GMT
server
nginx
etag
"648306f1-1574"
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://henrys-financial-notes.odoo.com
cache-control
max-age=86400
accept-ranges
bytes
content-length
5492
expires
Thu, 12 Oct 2023 15:33:51 GMT
Henry%27s%20Financial%20Notes
henrys-financial-notes.odoo.com/web/image/website/1/logo/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://henrys-financial-notes.odoo.com/web/image/website/1/logo/Henry%27s%20Financial%20Notes?unique=9ff1e04
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8075515f64447fffeb4965e64d59b4c3ae8a60bb9b56867db77684c16a929d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:51 GMT
last-modified
Mon, 17 Jul 2023 12:38:35 GMT
server
nginx
etag
"64b5364b-7219"
content-type
image/png
cache-control
public, max-age=31536000, immutable
content-disposition
inline; filename="Henry's Financial Notes.png"
accept-ranges
bytes
content-length
29209
expires
Thu, 10 Oct 2024 15:33:51 GMT
odoo_logo_tiny.png
henrys-financial-notes.odoo.com/web/static/img/ 		627 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://henrys-financial-notes.odoo.com/web/static/img/odoo_logo_tiny.png
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
903e91e5f75e5e5e5ea6ea0f82293b520de80ece1ed6c0521908e3d390c330eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:51 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 28 Aug 2023 09:56:31 GMT
server
nginx
etag
"64ec6f4f-273"
vary
Origin
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
627
expires
Thu, 12 Oct 2023 15:33:51 GMT
web.assets_frontend_lazy.min.js
henrys-financial-notes.odoo.com/web/assets/455-84cda4a/1/ 		2 MB
749 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/web/assets/455-84cda4a/1/web.assets_frontend_lazy.min.js
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/web/assets/424-c8adffe/1/web.assets_frontend_minimal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
369c8b8341a069bc39342ccdf2fe4b2e12b289de7a143b254882be2fbca832f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:51 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 04:37:11 GMT
server
nginx
etag
W/"6524d4f7-275f81"
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
content-disposition
inline; filename=web.assets_frontend_lazy.min.js
expires
Thu, 10 Oct 2024 15:33:51 GMT
e65d64d3c7f52c50b65896a5b4fd3108b63bda05
henrys-financial-notes.odoo.com/website/translations/ 		129 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/website/translations/e65d64d3c7f52c50b65896a5b4fd3108b63bda05?lang=zh_TW
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/web/assets/455-84cda4a/1/web.assets_frontend_lazy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed6580060ee5e08e9e19c694ed731c815af47692b6bf18f7b09ac5f291b04224
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff

Request headers

Accept
*/*
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
public, max-age=31536000
zh_TW
henrys-financial-notes.odoo.com/web/webclient/locale/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/web/webclient/locale/zh_TW
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/web/assets/455-84cda4a/1/web.assets_frontend_lazy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f346585584a049f8da9b7fa010c1e2136bec8b3837bfc85823ff0af6355b3dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
e65d64d3c7f52c50b65896a5b4fd3108b63bda05
henrys-financial-notes.odoo.com/website/translations/ 		129 KB
39 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://henrys-financial-notes.odoo.com/website/translations/e65d64d3c7f52c50b65896a5b4fd3108b63bda05
Requested by
Host: henrys-financial-notes.odoo.com
URL: https://henrys-financial-notes.odoo.com/web/assets/455-84cda4a/1/web.assets_frontend_lazy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.199.209.126 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
126.209.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
be380ca800592532576899b01fb783cb33c9865117d79d89303638b88029a0f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://henrys-financial-notes.odoo.com/blog/xin-yong-qia-4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
public, max-age=31536000

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| odoo object| luxon object| version object| QWeb2 function| _renderImageOnCanvas function| _ function| moment object| owl object| __OWL_DEVTOOLS__ function| $ function| jQuery object| Popper object| Data object| EventHandler object| Manipulator object| SelectorEngine function| Base function| Alert function| Button number| uidEvent function| Carousel function| Collapse function| Dropdown function| Modal function| Offcanvas function| Tooltip function| Popover function| ScrollSpy function| Tab function| Toast object| Select2 function| ClipboardJS number| ix object| vkbeautify object| owl_ver function| _Markup function| _escape

5 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1697038429077.639883537
henrys-financial-notes.odoo.com/ Name: frontend_lang
Value: zh_TW
henrys-financial-notes.odoo.com/ Name: session_id
Value: aad4ad923361157e8a5f628a41eaf9b396688add
henrys-financial-notes.odoo.com/ Name: tz
Value: Europe/Berlin
henrys-financial-notes.odoo.com/ Name: im_livechat_history
Value: ["/blog/xin-yong-qia-4"]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
f.reurl.cc
fonts.googleapis.com
fonts.gstatic.com
henrys-financial-notes.odoo.com
openfpcdn.io
reurl.cc
storage.reurl.cc
www.facebook.com
www.google-analytics.com
104.199.209.126
13.32.99.118
2001:4860:4802:38::178
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.149.98.30
35.185.130.121
35.194.205.218
048d6b500160e64ea78f1fa957bb24e112d749444955d214c8bddbdd07f2b626
0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
2287034fc37ea62ea5ac85409f0d5704a928af2f446434d8b08b6899cfd25f41
25a2b2883e101f8092e78fba2f4fcc40cac3339957cb1bf95011895ae7db0fc6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
369c8b8341a069bc39342ccdf2fe4b2e12b289de7a143b254882be2fbca832f6
3929dbdc3d11a19bc06aa6e6c86d16eed7315db164de93fd23c99ab065337793
57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905
5eb42487e8c1c734fe28132067e4ca6bd3a8616b8b0f9898a415bfedee320f50
8075515f64447fffeb4965e64d59b4c3ae8a60bb9b56867db77684c16a929d53
903e91e5f75e5e5e5ea6ea0f82293b520de80ece1ed6c0521908e3d390c330eb
ac84fd928144c882de2a2955ca061773a7bf3ad65294d6b7a58f128a4d22a196
afda7cef2f076f87d109b72fa1ec3d843a2767257814c827fdc492cecf8d689d
b88f7b92b96214ec0e70933a1e7f1a30022a6f2c704f9e2277f2218aecbad06f
be380ca800592532576899b01fb783cb33c9865117d79d89303638b88029a0f0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e8c6664048458529987d6359761c24b21840bd07ae41c1bddf3ea815faf93b09
ed6580060ee5e08e9e19c694ed731c815af47692b6bf18f7b09ac5f291b04224
f346585584a049f8da9b7fa010c1e2136bec8b3837bfc85823ff0af6355b3dcc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fad41bf43b95675bd3f74f2194dcd5efc947245f44f7cf2437b22724fd41159f