urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reurl.cc/
Effective URL: https://reurl.cc/main/tw
Submission: On November 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 7 countries across 49 domains to perform 230 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 301289.
TLS certificate: Issued by R3 on September 19th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 35.185.130.121 396982 (GOOGLE-CL...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 34.149.98.30 396982 (GOOGLE-CL...)
1 151.101.1.55 54113 (FASTLY)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 35.244.196.223 15169 (GOOGLE)
6 2a03:2880:f17... 32934 (FACEBOOK)
27 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a02:2638:3::3 44788 (ASN-CRITE...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.122 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 54.73.167.29 16509 (AMAZON-02)
3 9 2a02:2638:3::c 44788 (ASN-CRITE...)
15 2600:9000:225... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.66 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.125 16509 (AMAZON-02)
2 116.50.36.71 18046 (DONGFONG-...)
3 13.113.25.197 16509 (AMAZON-02)
1 34.95.67.231 396982 (GOOGLE-CL...)
1 52.192.254.229 16509 (AMAZON-02)
9 203.75.214.136 3462 (HINET Dat...)
1 3 35.201.76.93 396982 (GOOGLE-CL...)
2 3 142.250.181.226 15169 (GOOGLE)
2 35.227.249.156 396982 (GOOGLE-CL...)
1 143.204.215.16 16509 (AMAZON-02)
1 34.117.23.234 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.0.78.25 2635 (AUTOMATTIC)
1 61.216.47.122 3462 (HINET Dat...)
1 34.149.36.179 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.187 2635 (AUTOMATTIC)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 13.32.99.3 16509 (AMAZON-02)
4 13.113.7.192 16509 (AMAZON-02)
1 35.208.216.174 15169 (GOOGLE)
2 162.210.196.208 30633 (LEASEWEB-...)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
1 210.59.219.34 3462 (HINET Dat...)
1 103.132.192.30 ()
1 2600:9000:225... ()
1 2600:9000:206... ()
1 154.58.197.185 ()
1 2620:116:800d... ()
1 52.50.150.248 ()
230 65
6    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
6    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    151.101.1.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
15    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.rawgit.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
10    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
6    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
27    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
3    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
3    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
712cbcb39354d81d29ccd65183f99df2.safeframe.googlesyndication.com
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    54.73.167.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-167-29.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
9    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
15    2600:9000:2250:4600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
3    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    65.9.66.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-66.fra56.r.cloudfront.net
cnt.trvdp.com
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    143.204.98.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net
go.trvdp.com
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
3    13.113.25.197 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-25-197.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
1    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
1    52.192.254.229 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-254-229.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
9    203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d.t.ssp.hinet.net
3    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
3    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
2    35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
1    143.204.215.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-16.fra53.r.cloudfront.net
stg.truvidplayer.com
1    34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com
asset.re-news.tw
1    2606:4700::6811:eec2 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    192.0.78.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net
img.racingcharger.tw
1    34.149.36.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.36.149.34.bc.googleusercontent.com
www.rayskyinvest.com
1    2600:9000:2057:2800:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
1    13.32.99.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-3.fra60.r.cloudfront.net
s.trvdp.com
4    13.113.7.192 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
1    35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
2    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
4    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
9    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
1    103.132.192.30 (None, )

ASN- ()
prebid-asia.creativecdn.com
1    2600:9000:2251:3e00:3:4706:a6c0:93a1 (None, )

ASN- ()
cti.w55c.net
1    2600:9000:206f:b600:1b:f040:3600:93a1 (None, )

ASN- ()
ads.w55c.net
1    154.58.197.185 (None, )

ASN- ()
t.hspvst.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (None, )

ASN- ()
cms.quantserve.com
1    52.50.150.248 (None, )

ASN- ()
match.360yield.com
Apex Domain
Subdomains		 Transfer
29 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 99095
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 140223
fcm.holmesmind.com — Cisco Umbrella Rank: 171076
fcm2.holmesmind.com — Cisco Umbrella Rank: 131344
c.holmesmind.com — Cisco Umbrella Rank: 98234
m.holmesmind.com — Cisco Umbrella Rank: 148053
ad.holmesmind.com — Cisco Umbrella Rank: 93797
123 KB
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
712cbcb39354d81d29ccd65183f99df2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
342 KB
24 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 933
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 449
568 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
378 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
693 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
bidder.criteo.com — Cisco Umbrella Rank: 757
22 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3040
110 KB
10 reurl.cc
reurl.cc — Cisco Umbrella Rank: 301289
storage.reurl.cc — Cisco Umbrella Rank: 427468
19 KB
9 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 74825
1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d.t.ssp.hinet.net
9 KB
7 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
98 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
48 KB
6 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
127 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 36870
go.trvdp.com — Cisco Umbrella Rank: 33275
s.trvdp.com — Cisco Umbrella Rank: 30783
136 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
182 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
670 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
141 KB
2 w55c.net
cti.w55c.net
ads.w55c.net
i.w55c.net Failed
67 KB
2 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 28573
340 B
2 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 132817
940 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
2 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
prebid-asia.creativecdn.com
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
515 B
2 re-news.tw
storage.re-news.tw
asset.re-news.tw
435 KB
1 360yield.com
match.360yield.com
199 B
1 quantserve.com
cms.quantserve.com
463 B
1 hspvst.com
t.hspvst.com
928 B
1 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 85892
168 B
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 20712
595 B
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3823
107 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5548
248 KB
1 rayskyinvest.com
www.rayskyinvest.com
82 KB
1 racingcharger.tw
img.racingcharger.tw
195 KB
1 creditcards.com.tw
creditcards.com.tw
53 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
82 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 604140
189 KB
1 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 26906
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
5 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
5 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 12123
727 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
92 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20281
40 KB
0 3lift.com Failed
eb2.3lift.com Failed
0 lijit.com Failed
ap.lijit.com Failed
0 de17a.com Failed
d5p.de17a.com Failed
0 turn.com Failed
ad.turn.com Failed
0 appier.net Failed
ad2.apx.appier.net Failed
230 49
Domain Requested by
22 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
15 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
reurl.cc
15 pagead2.googlesyndication.com reurl.cc
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
12 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
10 www.google.com reurl.cc
www.gstatic.com
www.google.com
tpc.googlesyndication.com
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
9 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
9 www.gstatic.com www.google.com
www.gstatic.com
8 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
7 static.criteo.net securepubads.g.doubleclick.net
cdn.holmesmind.com
reurl.cc
6 gum.criteo.com 3 redirects static.criteo.net
6 www.facebook.com reurl.cc
static.xx.fbcdn.net
6 cdn.jsdelivr.net reurl.cc
6 reurl.cc 2 redirects reurl.cc
5 fonts.gstatic.com www.google.com
reurl.cc
4 bidder.criteo.com static.criteo.net
4 ad.holmesmind.com cdn.holmesmind.com
4 storage.reurl.cc reurl.cc
3 mug.criteo.com reurl.cc
3 cm.g.doubleclick.net 2 redirects c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
3 c.holmesmind.com 1 redirects cdn.holmesmind.com
3 cm-dev-poc.holmesmind.com cdn.holmesmind.com
3 www.googletagservices.com securepubads.g.doubleclick.net
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
3 region1.analytics.google.com www.googletagmanager.com
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
3 connect.facebook.net storage.reurl.cc
connect.facebook.net
fcm2.holmesmind.com
2 c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 hb.aralego.com cdn.holmesmind.com
2 m.holmesmind.com cdn.holmesmind.com
2 cm.lndata.com cdn.holmesmind.com
2 oajs.openx.net 1 redirects reurl.cc
2 scontent.xx.fbcdn.net www.facebook.com
2 www.google.de reurl.cc
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 match.360yield.com c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
1 cms.quantserve.com c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
1 t.hspvst.com c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
1 ads.w55c.net c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
1 cti.w55c.net c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
1 prebid-asia.creativecdn.com cdn.holmesmind.com
1 prebid.scupio.com cdn.holmesmind.com
1 1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d.t.ssp.hinet.net reurl.cc
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 blog.alphaloan.co reurl.cc
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 asset.re-news.tw reurl.cc
1 stg.truvidplayer.com go.trvdp.com
1 fcm2.holmesmind.com cdn.holmesmind.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 go.trvdp.com cnt.trvdp.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 712cbcb39354d81d29ccd65183f99df2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 storage.re-news.tw storage.reurl.cc
1 cdnjs.cloudflare.com reurl.cc
1 cdn.rawgit.com 1 redirects
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
0 eb2.3lift.com Failed c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
0 ap.lijit.com Failed c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
0 d5p.de17a.com Failed c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
0 ad.turn.com Failed c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
0 i.w55c.net Failed c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
0 ad2.apx.appier.net Failed
230 76

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
re-news.tw
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2023-10-14 -
2024-01-12		 3 months crt.sh
anymind360.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-10-08 -
2024-01-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-23 -
2023-11-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2022-11-23 -
2023-12-24		 a year crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
asset.re-news.tw
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-09-22 -
2023-12-21		 3 months crt.sh
tls.automattic.com
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.rayskyinvest.com
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-03 -
2024-01-30		 6 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2023-09-02 -
2024-10-03		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-27 -
2024-10-27		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-25		 a year crt.sh
ads.w55c.net
Amazon RSA 2048 M02		 2023-07-19 -
2024-08-16		 a year crt.sh
*.hspvst.com
Gandi Standard SSL CA 2		 2022-12-12 -
2023-12-09		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh

This page contains 28 frames:

Primary Page: https://reurl.cc/main/tw
Frame ID: 448BBA13178A0558A3E45EF001080C61
Requests: 65 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: E7A0F2724853051884C0FDC3745CFCC5
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: D26480B3E6411F909357537AC959A967
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1699921811&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699921810744&bpp=3&bdt=575&idt=256&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7235746648988&frm=20&pv=2&ga_vid=1007361067.1699921811&ga_sid=1699921811&ga_hid=785448938&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44807464%2C31078301%2C44807406%2C44807753%2C44806141%2C44807763%2C44808148%2C44808285%2C21065725&oid=2&pvsid=1948896639116033&tmod=2067395196&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275
Frame ID: C91192A908F555120CAE86FCD5C56832
Requests: 1 HTTP requests in this frame

Frame: https://712cbcb39354d81d29ccd65183f99df2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC6DBDE6459890E86765D40EBDCCF76B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=5g2gollgv6v4
Frame ID: AD187874812797D75A9196B708D7DDBC
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 158934BB26084F5C7F05AAE95F2AC185
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCJL6W24VOKzWG64eZrV651yBYvzkDeoyY4nxcUDyYL2BJ9JxWR82FpHFfEG34AddqGPYz4ffngGIsco7yhk-q6j5Ta2rOXoCQMhwRA2tMyAOZ4wTZA1M31EAVlbJpsSS8oapIkxS8vC3KJWSl-NHU3UndmEmDP7In3k3ZQkZ8adHdXvoGw15EUUscBCZMhm5QGcf02hwrUDO6RKPqbc8CAiNSNKG64_OJyRwLFgzjqTOoIc_SS6VxLfdt8mpD7n5NpAbeTT9d_9GfttNeyrBX5Vd3PRU400tqBBjQsTgD1JBUR4XDJwR2ji_OZlfKIGOu2cxBVOYMenEZEsgBL43vV9eD9Yn4CWq5c8dvJ1TBR9RsUCLRGkw9sLmDOPUbNtI&sai=AMfl-YTEJ7pL1JPcYyIYknnrT_egNtITnUAJfR8UIVxtlUU9RYes53EyTRC3I46X7dsFVXnXtV2i5fRd9wQ-07MrVBmd7se2jPz4ldt4_FpL_LWN-NB1ptFeMZ_S3XEXKYVOgKJ40u-_nAKVwHxcmWpLcTc&sig=Cg0ArKJSzDKK37RW512aEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D592B51FD1627B520601E12253E50CE6
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpW8JFSqGvQ9uwVSlswDgfUf07JGP1Vu97NStXqIB722CGsNB50sd3vMLn5gcwC_42fLnVru-UmRgGSDQEwze7yrveDr7Fp3Di85tlU2BUf1aPpblUnXMx-XtJ6GALCnm312OXHxjTrieTzK43HsSybtChvUszIFApsfORUfs0nUtobvi7n3_QwQjx2DszblLdpDcTKTu0Nk6meLvjCdbeSa9uwcKfyIGeoQjzItvkFzSsfNfq1buzH_NMyT4cQ_JM7ux2jiGiuWr_L8piyC_U83ngiLPMe3ScPQDUU4PfsJT0jLdRq_lBUkH26A3OXeuZIBg2RKvuayws-d8umFla4L79GoHp1ErQBSToq9jRzNZo2kGSN02ru7TvHw&sai=AMfl-YTPe-1rhWit50509BuJj6B7nOGv8W9jwembhyY6C-APyXBzrfHcT4D8F5yoOkaD1qcSP1NmvWCwbZnvgjKRzO9NRz4rLh8Y4k9d6_riA58s7rwx2Tg2VIIZD-ZOCqOeJVObgMeDjxYfMZ3_T4kLCwI&sig=Cg0ArKJSzKrfa99b9HEHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 34F6F1F125B8610D863E1233F8598E2A
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: B89605E0449D5C7894B2BA33A9181C70
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: 690F918DDAFF735DBEC573E873F2FA5B
Requests: 15 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 593DAA8408754ED24A124A455CFC8457
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C078B695419233CB10E35F473A6F589C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Frame ID: 47FA34A742D4DAC8C70CE2E910C4B6FC
Requests: 11 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2FF1FE25B6AA9AA0B3B4268F88957F4A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 5B2979CD5E5FAE860F021EA711788BC4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 867235B3AFC957A980A86B2888EC7585
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79C2327C99D77DE33B97853207191F8C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: A03E62CADA70A9E4689A8686969FCFF4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a
Frame ID: CE2944D67177544A6E4095F5ED3ADFC9
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: 41D4857D2EE5579F13A8C7BAE6199927
Requests: 20 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 8B8FEFD756C17B4E2FCDE3BA2B15D0C4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D3D06F66AFB099DE085943507F80C896
Requests: 6 HTTP requests in this frame

Frame: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 7B4EA54D82226F0F6503DF9C4664300E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0431873E20840C922B8895262B810929
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92A5BE419ADDB1A5FEE73D5FE7D04141
Requests: 2 HTTP requests in this frame

Frame: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 929E94CF13B3F43A99DE445320EBF83F
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9DE8BA1772C5C682877180F80B6AC53D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

  1. http://reurl.cc/ HTTP 301
    https://reurl.cc/ HTTP 302
    https://reurl.cc/main/tw Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

230
Requests

90 %
HTTPS

45 %
IPv6

49
Domains

76
Subdomains

65
IPs

7
Countries

4824 kB
Transfer

10985 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reurl.cc/ HTTP 301
    https://reurl.cc/ HTTP 302
    https://reurl.cc/main/tw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
  • https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
Request Chain 69
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp&cc=1
Request Chain 103
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELpb7JO05wcuflV_fu8vspA&google_cver=1
Request Chain 105
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jZRbYXx6MDlkRTIwV1RJcmdKQXdvem93ejJiRVY1RC9hZFNSUVE2by9LWCtZWDFwRENuNlVBQVZQSjJEaEx0WW9VMUhFMFUydmFSUTBJcTloOUx1MnY5OSs2THVHTzFEcG53ZHJ5MUFqM2I3S2JQNjlqUG5neHNnVjZYaXVHcDQ1ODVkSXA1NDRKRDdHbmZRTXJoUzR6VS9yVk91bWUzQTF4UnlyNGJIeVA4QUJGTU1sZG9NY2JIbFM1Y2ZkWWRUVTB3U2U1bnZMK3Zvb3ZmWHk2bFkzdmxqYmVNRVhyaVI2T0JGakxaaytMbS9sVVNGVTlzcTJWMW9oMFUwb2hrTzhNUzlnTkgzODFCT0g1aGxDcWd5VHNtclNaUT09fA&cppv=2
Request Chain 164
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=-jAINF9WMFJVZnpaUU9ZVFdzZGpoQXQyYkZDYlhVVktJRzEzNGxwUUFTTUg3SjlURWxya2Mwd2RDblJ1dzdmejdCOW9JZE04b2lZMjZaNkExUTl0Yzc5VVVITW9jRnpJbzBCVyUyRmtGTHNDMUxiVXVRR3YwdEI0Vmk3SE9rNXBDZFF1UzhvWGZGcVFsbHZnYW5kRWpjbnhCb2paQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=QpLPr3wvaUNFK2NtVlNNcGVMMUw3WWpHZWN4VVlvWThDSXVFaTdpK3NETDBid09xdkYvdWZCRjc5M3RyN3F2L3RGNnY1WGdDYzBxZ0dVZE1Ea2pqSHVwVW11eXVUbVNDUmMwMVc3RmVCMWlRd1BUQzFkRlN1SGh5RXIzT0hEZnptZVU1WmhKVXVHOTNYZ0V2NitJa2R6UXh4YmllYkRpc0xzazNXL1JjYTVvQnJ6a3ZOZnBCTTlja29NYVJrQnNVWFhYVUpmZUpUWVNiTm1Rbms3NGpIVnh5TGdCNzNyOFpKTjBQSUNCYjZGS013U1Y2SlhrYWV0NHM0SElzWXY1ZFJaNDlTVXdUNFhEdDlYQThsRkFVa2Nrb1EvZz09fA&cppv=2
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=719184-dEEu0w4oz86A0r7qWGnEQdosbMO5GSRu&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=719184-dEEu0w4oz86A0r7qWGnEQdosbMO5GSRu&uu_m=undefined&google_gid=CAESELpb7JO05wcuflV_fu8vspA&google_cver=1
Request Chain 194
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=EBSkx19WMFJVZnpaUU9ZVFdzZGpoQXQyYkZGNkVXTVlPJTJCMjF3Y21rTGNqJTJCWFR2NyUyRmxpUUJ4SFFnRDk1aHFpaERoUmJGNFNlYzZzVnBKOTBvWEJXdWFPcWtTOHk3MUhNSiUyRmpRVG9kTWdiZnBlNFBLTm9lSHZWYlVwJTJCQUdYdGJzTVhxb1dhZUh5aWh0UjVHRWczVnVVSkR1UTlRJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=rLAkbHxaNXJPYktrdDlPRDZOT0w3SVhRN3VRWGpKeDNOK0pub3JIZjZuSVljcnlLRUU2MWRxZGVNYkhXQWlIeGVXdWtwbEh1ZGpVNDQ1NGt0UkxocExTV1E4WTQ3OHNiMkM4bzhZT1ZHTGJaU0owZHZNSCswdHFrU09WNXMxZmQ0cjdRdk1lTEVLNEJ2OVhzazlmQ2VZTVV1MDdhSTZDNzc3Y3A5OTNFWHg5Mjg5NllDTGdSVkUrcTllaGFXeFBtUk9yaFFhRFN5WEhqVUoyL2NBenpqRUtCbmQ2OWV4ejNmZ3hiUkVhNUozTEhjY1NRcE92RmoxT0UzNTFBS3NVTXlJdGwyUE9lWk5mZkwvNi9qOW94eXBvaHMxQT09fA&cppv=2
Request Chain 199
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=EkVFZ37gAMCJtDMzn79SZQ
Request Chain 227
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDbHQtdLCQyxKf_iN3Mn5pI&google_cver=1&google_push=AXcoOmTIl96j6qQicu5PneDN9z_IX0afJlwOIbjXUw0Bp5GYUKoMGkXNf0GqIhZ4DVwOHpP_7XB4QD-a0hTucG6Y2qPy6V1Ln28C HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YxYcFYhWS_8qOtRqEPSNjA&google_push=AXcoOmTIl96j6qQicu5PneDN9z_IX0afJlwOIbjXUw0Bp5GYUKoMGkXNf0GqIhZ4DVwOHpP_7XB4QD-a0hTucG6Y2qPy6V1Ln28C
Request Chain 228
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGlF2-WRDIqQNi3wlUcp_r4&google_cver=1&google_push=AXcoOmTQuEvYtstzYU517MkGZWwiAtrAj5f5OYJX5mj06E6q789bm6RXiATOm-EDTkUc8v61T43xmBXj19teXRKmvY-MP5IGhMDp HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGlF2-WRDIqQNi3wlUcp_r4&google_cver=1&google_push=AXcoOmTQuEvYtstzYU517MkGZWwiAtrAj5f5OYJX5mj06E6q789bm6RXiATOm-EDTkUc8v61T43xmBXj19teXRKmvY-MP5IGhMDp
Request Chain 229
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGkmCPmorEOQWLKjJEuFZDQ&google_cver=1&google_push=AXcoOmSKFAD1VtNXq6bPylvydlbYESaXLXyqXwCFXWcH36do4Yp2OL1gRX3kszvvtrbhGEPGPC76a7VMkEEG7nyoMimdxRHq7Y7T HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGkmCPmorEOQWLKjJEuFZDQ&google_cver=1&google_push=AXcoOmSKFAD1VtNXq6bPylvydlbYESaXLXyqXwCFXWcH36do4Yp2OL1gRX3kszvvtrbhGEPGPC76a7VMkEEG7nyoMimdxRHq7Y7T&sovrn_retry=true
Request Chain 231
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFhgbpNBB7dZs38fjQWH6rU&google_cver=1&google_push=AXcoOmROzzAI3TeOAObdtpGDpNrTvSwb6kHrIH0OCtZAEUSmdWPi3BHGuQlAXtXRY4NBvGKJAGxmmHyIc4wiZ7AwTl5CZ4IPmjXJ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmROzzAI3TeOAObdtpGDpNrTvSwb6kHrIH0OCtZAEUSmdWPi3BHGuQlAXtXRY4NBvGKJAGxmmHyIc4wiZ7AwTl5CZ4IPmjXJ&google_gid=CAESEFhgbpNBB7dZs38fjQWH6rU

230 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tw
reurl.cc/main/
Redirect Chain
  • http://reurl.cc/
  • https://reurl.cc/
  • https://reurl.cc/main/tw
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c6d70e06fe41214ac2b19a2f783cdb9394036867ea87ee39c48e7ed8f370c9cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 00:30:09 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding Origin
x-request-id
4905cf1d-eecf-4036-b565-73df3404da34

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-length
31
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 00:30:09 GMT
location
/main/tw
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
vary
Origin
x-request-id
3a5a5ffd-0015-4750-8302-3af3cef8df37
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
244886
x-jsd-version
4.3.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7GCevNazWpMtZSvII81booGZlwBT0OPqrevu2xKIKilBZ46Kp6EzBWK0R8FYOnQDJE2lAuDqfXC%2Fuq0zKI%2Fl8DOYw7xV5yUfuWsVAtDhQl6tWqlOepmXQbcLf6Tu%2BZPeqG%2B1XGJl9w7F3XsZJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
825b24f339e990e8-FRA
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 18:27:36 GMT
content-encoding
gzip
via
1.1 google
age
21754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
c6312f63-0d38-4f92-8a91-a72db060fa8d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/ 		171 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e9685c588da94d0c4b0ee88b43cf80da52fd32761ceb79851d4f802acc1ddfd2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sun, 12 Nov 2023 06:35:28 GMT
date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
150882
x-guploader-uploadid
ABPtcPrBMWRoKusgyEdBk76IeQB0J0Ei-km9Ms8BmweaohrTNkGq8z6wi6y_aRJ9MbEudNu5H_tqJZenTg
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40696
x-served-by
cache-tyo11954-TYO, cache-fra-etou8220034-FRA
last-modified
Wed, 08 Nov 2023 03:49:39 GMT
server
UploadServer
x-timer
S1699921811.536708,VS0,VE1
etag
"b0baf597d1ff3e89290c0e2df038dbe8"
vary
Accept-Encoding
x-goog-generation
1699415379444263
x-goog-hash
crc32c=7lGlNg==, md5=sLr1l9H/PokpDA4t8Djb6A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
40696
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
1546, 1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29e111f5157f6db8aa56f9949e8389ad3aaac0ff9b40d144041839e39d7edbc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52736
x-xss-protection
0
server
cafe
etag
15475326962719528326
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 00:30:10 GMT
pixel.js
storage.reurl.cc/javascripts/ 		429 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:46:09 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
6241
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-request-id
6f8505e8-e993-45c4-a3a3-ddab22c4f515
ga2.js
storage.reurl.cc/javascripts/ 		536 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:03:14 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
19616
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
aa4d58aa-ffaf-4947-be68-913b556aa775
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73c7b835eb22fe56030c51e53a6d60ffcc31e6d7321d2c8283fd4450502bd46a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93645
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 00:30:10 GMT
clipboard.min.js
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain
  • https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
  • https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
320592
x-jsd-version
1.7.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230055-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zh76we6QlaRyZjVNSRPkeg21RFyedFvRsIoaGLpBZknZIibxoFYaIUegW2id5RH06nYFNMjr%2FpXi%2F7OO66jgphTGtsdn5lEYScDCND5HYiezhoIJKlLLHGKHvI%2BD352FhWh031sij28l%2FZ5R2Hk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
825b24f61d921c79-FRA

Redirect headers

date
Tue, 14 Nov 2023 00:30:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1080
age
63254
x-cache
MISS, HIT
cdn-cachedat
11/14/2023 00:30:10
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
113
x-served-by
cache-fra-etou8220021-FRA, cache-chi-kigq8000069-CHI
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
40aa17e2ac5bb91e0c47bfcf0ea0f95a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
301
cdn-requestpullsuccess
True
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
413280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4224
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6a-3580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZDiSZTCsCSIYsLGcjJBDJt1KkFPyZpor7psFakLJrloBoMzy%2FVIODauM28vyAhn460JVM27D1Pas6lBHWxxPDxltoSlD6aX1pNdfQhiG2mckx%2BkLf5qmSkU4NPI6Xb9C7it%2F9CNfuduPyL39qKPU%2FOZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
825b24f4e8875c02-FRA
expires
Sun, 03 Nov 2024 00:30:10 GMT
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@9/dist/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
9.17.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230123-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"1080d-uB5K/9b4efMtYCfkBM9HcldmPDk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TJ%2BvzzvDV1wT7OTam6ZuoI1r0UZkuULxM%2FkY38u8du94tKJnzVSf3RVKJvhzohVd0k%2B5Gqj%2FvWCOBh%2ByZlcC8wc%2BXWgnR8Sz6TnkJnUdcn6gUN%2FAEV%2BrDDbHYs3%2BZ5VHcGCegnpzLVkPzg2ivk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
825b24f46a3690e8-FRA
FileSaver.js
reurl.cc/javascripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/FileSaver.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-efa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 13 Nov 2024 00:30:10 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
084b66d058a7471423c598dd8095baa9df556bc68ca17911fa181360c0c5148e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52757
x-xss-protection
0
server
cafe
etag
6259068926557981319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 00:30:10 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72e78ede6ea1410d9a9f9ddb2fd655c9ac5283853118e72ba8dfe7f695c4e8f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31826
x-xss-protection
0
server
cafe
etag
319 / 19675 / m202311090101 / config-hash: 2459397958677358047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 00:30:10 GMT
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
501653
x-jsd-version
3.4.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Fj5j3VuWwtIDzzj0FsD8PrzyKyz1m5bIEypNIU16BN36kMvs5Cq5hlvA4Iu%2B%2BvvqtucXZuHts2BfCwRq5MD3QoCec1qzh2hpoXNMY5BcJ7j85M7AYpZ%2Br0L%2BBEgcHEVHzUl3ZHOQmSyCfkvuLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
825b24f339eb90e8-FRA
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1201372
x-jsd-version
4.4.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230065-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZsCllVcqtWPM6rE%2BFee6dLYSiiLr%2B8w%2FIAcHT3AasrKw4nnpHmifSQ%2FEmoYl0285BeZ5wUWwii4AEBHLOKuG6Jq59mTe9FbEVLdbmoctRvA4K9cXayVn2zFwlKArGf6lzVfUVLiaKKZdLfb6gU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
825b24f339ea90e8-FRA
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
161535
x-jsd-version
2.5.16
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230106-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Frj9WX%2B0ZtCdEXuH5vXyxT%2BsOHLvdhOhuAfb1w2F97WOQdFm%2Bu6lsCBPt2LxQtnyDtODwAze3o82tYO7Ovm7eRsgJXk4TZ6i07OByA6TivrxubASJ6wL5iACBL9raThBpDfO6eq57RiVcmrrSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
825b24f339ec90e8-FRA
vue-qrcode.min.js
reurl.cc/javascripts/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-46e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 13 Nov 2024 00:30:10 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2ef51c9964d695f70064527941258a28c78c6e74ead2898ed97fab9c2f0b1cca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 14 Nov 2023 00:30:10 GMT
main.js
reurl.cc/javascripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/main.js?v=16
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7ad443ebb19fd107858ac4944e5cba2defd6e71f60e105d517a6f02ce2b50ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 14:36:00 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"64b6a350-bf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 13 Nov 2024 00:30:10 GMT
renews.js
storage.reurl.cc/javascripts/ 		412 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 21:57:12 GMT
content-encoding
gzip
via
1.1 google
age
9178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-request-id
ced3de94-d3fb-43b2-b102-cf80e0a39f28
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ 		470 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192495
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 22:30:37 GMT
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
3f352d99570c28d81e952f0ee25c39dafab4e3922a2580fe044cfe01db38ab26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1b27-t4rrcmRWXdnSUZP0ayZVBZZwJdU"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6951
page.php
www.facebook.com/plugins/ Frame E7A0 		89 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f09be930447af6bbff6ea23dce23ee0dc302ce038770481d2674e9247c5c7710
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:10 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
dbVcVNAz+yhHP5e62efKcChPfvcNt9Wvyy+NXlcc92BBwGlS7s2gU/drfE4TYms68DVjlsOW1wXP2byeerAQKw==
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Nov 2023 00:30:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
46Tm98Ml16ddORbtX6/DlZzlYNATVNlkxv35VtrNMR5evhmQJJbKHU3al+ppDfA0hwoS3F50HPM6puIvWm5xVA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Nov 2023 23:51:30 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2320
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 14 Nov 2023 01:51:30 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ 		400 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9999486404371312&plah=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd545b920599d2b5b2ec1dccca5a4b3f384e3a8d33fe2d898b3a0e84f7e4515a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138693
x-xss-protection
0
server
cafe
etag
7764183935864681430
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 00:30:10 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame D264 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 14:08:06 GMT
etag
16674218716276178799
expires
Mon, 27 Nov 2023 14:08:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
4354
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 12 Nov 2024 23:17:36 GMT
collect
region1.analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3b81v897965293&_p=1699921810606&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1007361067.1699921811&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699921810&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2380
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1007361067.1699921811&gtm=45je3b81v897965293&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=1007361067.1699921811&gtm=45je3b81v897965293&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1968412131
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=785448938&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1474455214&gjid=148219364&cid=1007361067.1699921811&tid=UA-102456694-1&_gid=540399222.1699921811&_r=1&_slc=1&z=1529439773
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=785448938&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=ODAuMjU1LjcuMTAz&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=1007361067.1699921811&tid=UA-102456694-1&_gid=540399222.1699921811&z=181866065
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 04:04:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73532
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame E7A0 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xXCq6/qryia0kWXvm23HIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5237
reporting-endpoints
x-fb-debug
6RDj41HhdM/gkvFxnIai/qbpb5ibUOOxbqE+6Lso65xGtFQKaudTds8HWsAjc2OFgbaitBbbaKL9Q41d+ElIlw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 08 Nov 2024 03:44:30 GMT
bTO-cfqG5Ff.css
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ Frame E7A0 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/bTO-cfqG5Ff.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1f14dbba4a024c805fd35a6b7c26a2c588a573e016823d0145607a742015ee6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QYhvFc0da/sHoy5YvJWcdQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6381
reporting-endpoints
x-fb-debug
dNmmqtfbti9HG+s9WBg0ZEc3fwOUh1/JZVvCXpw9D4G0WxOyRtKAt5YuzKE9vvR1nj29zQRJsC3RFWuiqsC02w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 07 Nov 2024 19:03:20 GMT
HeMvjWnWHgx.css
static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ Frame E7A0 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/HeMvjWnWHgx.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a0ca3dda62ca775febb7bb6dfc425136e86934e149e63ef82df5263eb886e4a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
me5sXNyoIZ1Xxlwpdfy9LA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4937
reporting-endpoints
x-fb-debug
rbZjNX0QPP9U3F9xRzmg80uINuoL8Zo2eYYhiNZM5ghYLM1A+R2B4CMBPEdwEZIGUIggiFrMebFpWRJWZnhPPQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 31 Oct 2024 17:26:33 GMT
OWR-hjvxarf.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame E7A0 		351 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/OWR-hjvxarf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9bf7a78aee25831462944d12274fa09185d53bb0dae8de5a6cd67e67cad9c8ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
m78wWUEJs1wZw2zS4xrmTg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93021
reporting-endpoints
x-fb-debug
kLqOCtQ/90l8KXhyTCCdCeyza669eOyVtu0Em1TQQjSPxzjgKWQJCCu135Fq5oqNZOztKRPOQSZ0Ydm7x01tSA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 08 Nov 2024 16:44:31 GMT
SfyIUC2I9Aj.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame E7A0 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/SfyIUC2I9Aj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39d446fc3fb117c98b8f8a3b71487ff7f11be7ac8833dee8d8e5f8d86d73e6a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nHLblE/U7xLq+FAl9ULeuw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27429
reporting-endpoints
x-fb-debug
dmx9ZahKBytmk8/M25vh1T5ZOlxuzS9ovpavHlWFbGndL2TE4zegnuhuQfd3+Z7Mj9TpBn2ciX2qNgWfOKz+wA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 01 Nov 2024 23:52:18 GMT
tbb6w30TkDN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame E7A0 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HCL+u+2LMSrM7ELnarU2bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2226
reporting-endpoints
x-fb-debug
8rAJ0MfEZmKayTDQ+CCZJiJXqIKk2liS/I5AtGPaDe3eh0zn/K9MjjfvDVtJHiinVmd7T4kk4+yAR8wg2dRiTw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 31 Oct 2024 18:44:31 GMT
HnHQr2HkQaG.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame E7A0 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/HnHQr2HkQaG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5226f0c1cb4086dbf80f23302f95c797ac20de1d386df35475fdad398487de5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Tg8Xo/JsB0m0irfihJp3/w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14758
reporting-endpoints
x-fb-debug
f8nXnjRrCTT7NZJy0E4Le4AKyNL6ApaFbdOvbP7d8VfPyOUcLCPbNMFbIYn1yWZALpFziGChK+IxKOjolBs61g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 12 Nov 2024 14:15:15 GMT
JJoNW1IZ7Cg.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/ Frame E7A0 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/JJoNW1IZ7Cg.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
80b37dddaa8871f85ffc188bd3afce855b66aa4ce23e7cb07c4eee6e0c31d77f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/UKLuO0CGbUFRborFP/1tw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30020
reporting-endpoints
x-fb-debug
hnPyAUBfu18hTJlyh6SGarTT4P/jfDBYLzbN9pJTS4RwZXFIrLVEGto8cs6Y1fAyqA8RkwNrRI1tPFW/21fLnQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 12 Nov 2024 20:03:39 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame E7A0 		507 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
4S3AVfYm0ZkyJNYraZxHnzJh/F8nstjdJyP7RCKzXYf29IRXw/Slw0FtdfbC8dQq3m7m8QeoAM+zq9YEPNpg/Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 30 Oct 2024 00:54:30 GMT
kPHy2i2LgY-.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame E7A0 		208 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/kPHy2i2LgY-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d53564927a9df8cb75782a1d760ea4465adbe62a6e5cce8d85774ee3311a21f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
K3UAHvVXxB9AKyMl5+bXXA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61016
reporting-endpoints
x-fb-debug
tLEtDKDtNI6dPK4J+TnCeaxDtahdDQeeXy6mO3eSNCfQ5BhzaI83u6l/oWggW/E8g9bvaSBvoki9D1SrsJmfbQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 09 Nov 2024 21:52:27 GMT
fTu1JKT1-Jm.js
static.xx.fbcdn.net/rsrc.php/v3iLNf4/y6/l/de_DE/ Frame E7A0 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/y6/l/de_DE/fTu1JKT1-Jm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
67082e98d79aa4792e6599bed6131d0510af19d36b0f95c48f9396801de9a428
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yhxs5Ax00bryOrII60WqRg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7699
reporting-endpoints
x-fb-debug
xGXyYzn32SLnb1liTfg9DU8c+EiDAZL2K5coyvlEL8yBsT+yLiki1E3zEGL+1AH7bq92h8ATSaL9ACyEcCGxBA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 31 Oct 2024 17:55:50 GMT
TVm1Syeaa9m.js
static.xx.fbcdn.net/rsrc.php/v3izqU4/yL/l/de_DE/ Frame E7A0 		340 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3izqU4/yL/l/de_DE/TVm1Syeaa9m.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f82a282830621fb7fdc3d1f8793e016dbdedb75da94c52eabbf33036ff69de16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
coBhcYsVkMA7pwE3i85MIw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82538
reporting-endpoints
x-fb-debug
4wd2XizB4PYB8k8KDjK1pKcoYPf3paDZsBs+ZlwUNjBB8pQzTozqMsFvwDNR8JneBfqgCA3ULfij+PvFjP+irQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 09 Nov 2024 03:59:37 GMT
nwhpch9xejL.js
static.xx.fbcdn.net/rsrc.php/v3iUWb4/yQ/l/de_DE/ Frame E7A0 		395 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUWb4/yQ/l/de_DE/nwhpch9xejL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23ac362567cca60783ea53b670e4c1b89b7681ca3bc412aa1a627b59bd7bb1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wZ/pt34wLkRkhU9ahdYEGw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95392
reporting-endpoints
x-fb-debug
QLSloIMqjk0lm7KpjYGaJbQuSlI6S6Y/yaFHwEDO5QxEtCJYHbE8Oc5tjEGG34aRDIgqmqmERZ9z/5Qavcc7yQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 10 Nov 2024 06:20:52 GMT
q16gD0J0RNR.js
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame E7A0 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/q16gD0J0RNR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29153c60b594167ed55c3d2c1bb3e430b98d14f38216694703feaeda56a797ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gSJnBGvNmBINvpOPpzdGOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4807
reporting-endpoints
x-fb-debug
ao8jDlyvyKB5xfgtre327wDWqtGaa3tJRmgrl1WaJNGwdnTHlYPeQCQKyHFue4HNoo9aAV7g/I/v1xeSnjdkMQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 09 Nov 2024 18:35:28 GMT
-WekVUQX5lU.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/y7/l/de_DE/ Frame E7A0 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/y7/l/de_DE/-WekVUQX5lU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb9297a72403105c23970666e8496459900c88d46145f542b2dec778833d4f03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kTBZssL+fZJmTObtIf0kkA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14235
reporting-endpoints
x-fb-debug
pjWuQTC+TCDBUubaj8zGRTivgJK+yi4e90sPX8cDXd+uorZeyzRFE1eVHoAPXK+ajQ5eKLeViv/9fH0a8qHl8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 12 Nov 2024 16:44:12 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame E7A0 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
MBvhnsZDSeQq1TZ7Bql26AJc1cgIPmpJXtC/fnhtQuoEHUhFCcFPv3s3/o5SVM2DorHYzYFWAT4hFvbSUPWE6A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 01 Nov 2024 22:36:05 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame E7A0 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=5f2048&_nc_ohc=WuaC0d7w-RwAX8d9ngW&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfC5tIhCc7kO9474NDPnoWLBciAKN-XUZy8sBZtymMfAlw&oe=6557E745
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBAf8Y7W1uwXDeZGbqsbHpGMFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame E7A0 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=5f2048&_nc_ohc=c4_q1LwrwUAAX9dWqU-&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfASYUue2lAn7mzoq_zP8PtHsc3pnapiswRmqMciqd-OQA&oe=6558A115
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBBMtGstfQNOB8to32eGDixSFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
priority
u=3,i
ads
googleads.g.doubleclick.net/pagead/ Frame C911 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1699921811&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699921810744&bpp=3&bdt=575&idt=256&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7235746648988&frm=20&pv=2&ga_vid=1007361067.1699921811&ga_sid=1699921811&ga_hid=785448938&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44807464%2C31078301%2C44807406%2C44807753%2C44806141%2C44807763%2C44808148%2C44808285%2C21065725&oid=2&pvsid=1948896639116033&tmod=2067395196&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9999486404371312&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:11 GMT
expires
Tue, 14 Nov 2023 00:30:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3870b8eb9c163df41da9404ff99806a385c846d10ecd6bb404beda59470adc8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Nov 2023 00:30:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
k5PsO9gazi21dHGT0fpEaPk9tlWWOIjmrR8IpYPthiDSqgq4zp3McHa6NAyZO/MP0b/AC16SihPDdkLCIjSBWw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1007361067.1699921811&jid=1474455214&gjid=148219364&_gid=540399222.1699921811&_u=IADAAEAAAAAAACAAI~&z=121003696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Nov 2023 00:30:11 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
256701
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
825b24f82fd619b3-FRA
expires
Fri, 17 Nov 2023 00:30:11 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:40:12 GMT
content-encoding
gzip
age
24599
x-guploader-uploadid
ABPtcPrYakBZZUaYUT2Aa4NoJoJQZRP6-ODG4Mlhh8MKCLApMvJzlaEJN2z8T9SAscKxSRsWb_zHAvxtH2n8WvZ8c-eAXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Nov 2024 17:40:12 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
1ec6e32bab69ab31f54b020ec97ba35b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 16:25:56 GMT
content-encoding
gzip
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
29056
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
h6G8ekV-j7FwRv49xsEYGL4uti_SP0mMsGadoP4NiFyv-vrInr49ew==
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948896639116033&correlator=4007357413943225&eid=31078017%2C31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13858%2C13860&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%2C300x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699921811095&lmt=1699921811&adxs=245%2C815&adys=320%2C320&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&vis=1&psz=570x250%7C570x250&msz=540x250%7C540x250&fws=0%2C0&ohw=0%2C0&ga_vid=1007361067.1699921811&ga_sid=1699921811&ga_hid=785448938&ga_fc=true&dlt=1699921810169&idt=889&cust_params=url%3D%252Fmain%252Ftw%26ref%3Dnull&adks=2988576075%2C3475397127&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bee388c13b47b1eb689659a0069a14e157753398b86a1b11933e3ace8deb92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12552
x-xss-protection
0
google-lineitem-id
6298577756,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432370208,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
712cbcb39354d81d29ccd65183f99df2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC6D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://712cbcb39354d81d29ccd65183f99df2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:11 GMT
expires
Wed, 13 Nov 2024 00:30:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame AD18 		60 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=5g2gollgv6v4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
503a774bf20bd3971bbd7fc68f61f36d22ec220c0e76740634ea69e598de8d6d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MdtbEdUk04n6MugV7yseCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MdtbEdUk04n6MugV7yseCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948896639116033&correlator=4007357413943225&eid=31078017%2C31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699921811194&lmt=1699921811&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1007361067.1699921811&ga_sid=1699921811&ga_hid=785448938&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYk63x2bwxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiTrfHZvDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yk63x2bwxSABSAghkEhcKCHJ0YmhvdXNlGJOt8dm8MUgAUgIIZBIUCgVvcGVueBiTrfHZvDFIAFICCGQ.&dlt=1699921810169&idt=889&cust_params=url%3D%252Fmain%252Ftw%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1d1649412fe22c67266784bef13ad9d6658505a83a1a1cc81f555807bd403b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12363
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1699921811222&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1699921811218.162351090&cs_est=true&pm=1&hrl=a85079&ler=empty&it=1699921811033&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 14 Nov 2023 00:30:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1007361067.1699921811&jid=1474455214&_u=IADAAEAAAAAAACAAI~&z=1833192900
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1007361067.1699921811&jid=1474455214&_u=IADAAEAAAAAAACAAI~&z=1833192900
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame AD18 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=5g2gollgv6v4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 21:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 21:52:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame AD18 		470 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=5g2gollgv6v4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192495
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 22:30:37 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
80056dd737175ce31fe366e66e4d6ed6d0cf38425fc8fc478791b894c2091480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:12 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-i54hmJDIuUJ3+pvzmCgd9B/bWu4"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 14 Nov 2023 00:30:11 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.167.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-167-29.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ca01e71d19cac479f63dbe05af40eccbb1876a181144f20b379b2b3a0f28cf18

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.45.0.173
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame 1589 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:11 GMT
server
Kestrel
server-processing-duration-in-ticks
288847
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame D592 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCJL6W24VOKzWG64eZrV651yBYvzkDeoyY4nxcUDyYL2BJ9JxWR82FpHFfEG34AddqGPYz4ffngGIsco7yhk-q6j5Ta2rOXoCQMhwRA2tMyAOZ4wTZA1M31EAVlbJpsSS8oapIkxS8vC3KJWSl-NHU3UndmEmDP7In3k3ZQkZ8adHdXvoGw15EUUscBCZMhm5QGcf02hwrUDO6RKPqbc8CAiNSNKG64_OJyRwLFgzjqTOoIc_SS6VxLfdt8mpD7n5NpAbeTT9d_9GfttNeyrBX5Vd3PRU400tqBBjQsTgD1JBUR4XDJwR2ji_OZlfKIGOu2cxBVOYMenEZEsgBL43vV9eD9Yn4CWq5c8dvJ1TBR9RsUCLRGkw9sLmDOPUbNtI&sai=AMfl-YTEJ7pL1JPcYyIYknnrT_egNtITnUAJfR8UIVxtlUU9RYes53EyTRC3I46X7dsFVXnXtV2i5fRd9wQ-07MrVBmd7se2jPz4ldt4_FpL_LWN-NB1ptFeMZ_S3XEXKYVOgKJ40u-_nAKVwHxcmWpLcTc&sig=Cg0ArKJSzDKK37RW512aEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Nov 2023 00:30:11 GMT
init.js
cdn.holmesmind.com/js/ Frame D592 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d66d050c1353eca80d839d1a923cc17dfa16e8c6269071a616913e6c48d527cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
VshDKnuHeNiMt59J2StfAXgq2H_4k9s3
date
Tue, 14 Nov 2023 00:30:11 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 07:42:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
30
x-amz-server-side-encryption
AES256
etag
"12ca9b8d762245204824a3562038d0e1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
K2ZjN4oOS3mooGUES1IUtQTgVZGV3ImezLRrSQeJIKp2o-ekYczBjA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D592 		192 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61843
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 00:30:11 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3b81v897965293&_p=1699921810606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1007361067.1699921811&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699921810&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=51&tfd=2956
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame E7A0 		573 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
VzmT9O6or1upMd7K2TlLC2M1Y2syxroPwsFpP7RiRxjJjbwmzgWQAsGCn6cNXn348OaCDQXWdc0BzVX5JXjVlA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 30 Oct 2024 00:49:49 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame E7A0 		90 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F--redacted--%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19675.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1009868551&__s=%3A%3Aja7uoa&__hsi=7301108581444530173&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/JJoNW1IZ7Cg.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a9063ae02774e12a558214f2693e25c1b114826ca1875ab4a5ebbc6c37b6b92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ZXqJGEbVeLPb30KKRvYs-y
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 00:30:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
gn9OuHFzEkXmz9Kprk/WEqEa+Vfu10KM2bIuhCdVriml02tM03mbnXSjvCxAW/zH0ViLDbZNti+oRtZ2hpWGbA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame E7A0 		873 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/JJoNW1IZ7Cg.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0965efaf89d450c3a7fe584903fe8b87dcbf1e7a9a32028d4c77513d8e871be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ZXqJGEbVeLPb30KKRvYs-y
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 00:30:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
4vKcQ83ilyEAg6j7voyCAITpBkNNaMWHRH8bUrMNgLII7BceNC+W/lxpGOPXc/f+18W1DLNL3ajUeuyfwFkBhA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame E7A0 		873 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/JJoNW1IZ7Cg.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61eb289cae69868d1c355989f903cfdb129b2407595b7051dbe54cfc1dbd3c42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ZXqJGEbVeLPb30KKRvYs-y
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 00:30:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
yac80NCsdg55VP9k3QHC007Aaj4fo4CJ/OCl/b5OvRc9i2nJ90QoxEmi9/k67UOJ2UJ4HmfloCbwXVmoJsmpYQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame E7A0 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/bTO-cfqG5Ff.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/bTO-cfqG5Ff.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
qvMwv5F0kTzaCzH5i+TNE1NZUqnoPeW4NACAF8YUQYVFkfU2UEcMEK6eD8p15+cl8Mo+7nca/XZ1GkTIcM4PGQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 07 Nov 2024 05:21:59 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame E7A0 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
ZL4/sHXcV43Cxlr+PhRTG/g/0Yq9oeiyCLXimQJvmGZgBznFLK1puQed3Bqy9VmsTetv8O9HLbUOMX76iET3bA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Nov 2024 04:59:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 34F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpW8JFSqGvQ9uwVSlswDgfUf07JGP1Vu97NStXqIB722CGsNB50sd3vMLn5gcwC_42fLnVru-UmRgGSDQEwze7yrveDr7Fp3Di85tlU2BUf1aPpblUnXMx-XtJ6GALCnm312OXHxjTrieTzK43HsSybtChvUszIFApsfORUfs0nUtobvi7n3_QwQjx2DszblLdpDcTKTu0Nk6meLvjCdbeSa9uwcKfyIGeoQjzItvkFzSsfNfq1buzH_NMyT4cQ_JM7ux2jiGiuWr_L8piyC_U83ngiLPMe3ScPQDUU4PfsJT0jLdRq_lBUkH26A3OXeuZIBg2RKvuayws-d8umFla4L79GoHp1ErQBSToq9jRzNZo2kGSN02ru7TvHw&sai=AMfl-YTPe-1rhWit50509BuJj6B7nOGv8W9jwembhyY6C-APyXBzrfHcT4D8F5yoOkaD1qcSP1NmvWCwbZnvgjKRzO9NRz4rLh8Y4k9d6_riA58s7rwx2Tg2VIIZD-ZOCqOeJVObgMeDjxYfMZ3_T4kLCwI&sig=Cg0ArKJSzKrfa99b9HEHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
7942.js
cnt.trvdp.com/js/1250/ Frame 34F6 		535 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-66.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 09:15:02 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
4374910
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
xfjNz9Voc4qm_XfsKcwQ-MQo39LmxXxwRh4EbMql2vBzg4jF9vpevw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 34F6 		192 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61843
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 00:30:11 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AD18 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options
nosniff
age
151200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sun, 19 Nov 2023 06:30:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AD18 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=5g2gollgv6v4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
250328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AD18 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=5g2gollgv6v4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:52:48 GMT
x-content-type-options
nosniff
age
279443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 18:52:48 GMT
Zj4GuFghQl4.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame E7A0 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/OWR-hjvxarf.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dBSAisRg2e2k/EbKxbTt7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3450
reporting-endpoints
x-fb-debug
dja5ZKrB6eNxWaXzLKkdp9Ctic4shvxUf3XxAIWbDXH67rtdbJhC1SSMpdVlsnCxov4k6+am23bQ5u57Uazm4w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 31 Oct 2024 00:25:01 GMT
1VjB4kbpON2.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame E7A0 		340 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/1VjB4kbpON2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/OWR-hjvxarf.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
440b431e1cb78883e1afbeb37de130406aef2c1cbd16b399a7f4b3f7b097475d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
F0VVEyjQa0MmeHJwekxcUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74952
reporting-endpoints
x-fb-debug
KOjelu1vaE9hksbBIHTtxFqzY84n5iHx0VDpKoPttqPJkr/O8xzMbrLrcW/1U8jg+PUDPzwAC+3qtDpqHaxP0g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 08 Nov 2024 17:35:35 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame AD18 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=5g2gollgv6v4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=5g2gollgv6v4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 14 Nov 2023 00:30:11 GMT
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame E7A0 		213 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/OWR-hjvxarf.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:11 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
DkM8wYberV9694Ue9rE40QHWcYmKC0bXUnLTtdGvfMd/D5G2dUdlJOTVK6SQA+o6On8Bm9F6LuZ8XSpETD63tQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Wed, 30 Oct 2024 04:03:39 GMT
7942.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:44:06 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
9632767
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
il_w8P_rpPF4A5AfVjjRNTcsc4KR945cXguXFkZReKcUphtf8Y6W1g==
/
www.facebook.com/login/ Frame E7A0 		0
0
/
www.facebook.com/login/ Frame E7A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/OWR-hjvxarf.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Nov 2023 00:30:11 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ZD9h3MBrDAXVii91yqfs5zZsZgo2k86nyRlqPkKbQuQO7kb08THm8TSUj005ABFXJoF9HGuNgPDZUoB6PKzXeg==
x-frame-options
DENY
x-xss-protection
0
capmapping.htm
cdn.holmesmind.com/js/ Frame B896 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5
content-length
9921
content-type
text/html
date
Tue, 14 Nov 2023 00:30:07 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id
hIAy5mQfcXZFZ-vDrViO4CcfGZ_OUBRZOzL1bCljTxj4bwIJyqYqSw==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 690F 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e5ccb934b7fb2d827c2eff1da9e850fa47f110cef1064c9bae41469ada55873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
CQNrIqVBPqnnI6BhOVwGt1RB0UHwohqJ
date
Tue, 14 Nov 2023 00:30:13 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Tue, 07 Nov 2023 01:04:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
etag
"0488690f87032d1d90b0072cd44d017d"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
12113
x-amz-cf-id
V88-ahpYi5Ci12nH631iAcBP_60zwrUaT22ZAEIxlYRYY4Qpa_Bfcg==
/
cm.lndata.com/ Frame B896 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 14 Nov 2023 00:30:18 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 593D 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.25.197 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-25-197.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 00:30:15 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame C078 		332 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 00:30:18 GMT
referrer-policy
no-referrer
cm.js
fcm2.holmesmind.com/ Frame B896 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.192.254.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-254-229.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Nov 2023 00:30:17 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame B896 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:17 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 14 Nov 2023 00:40:17 GMT
fp
cm-dev-poc.holmesmind.com/ Frame B896 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.25.197 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-25-197.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:15 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame B896
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:15 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Tue, 14 Nov 2023 00:30:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame B896
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELpb7JO05wcuflV_fu8vspA&google_cver=1
0
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELpb7JO05wcuflV_fu8vspA&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:13 GMT
x-guploader-uploadid
ABPtcPpwJN09KokvmaySTwlrXgvwuoqs2c053BdFksMM7_5oCVFkBK7zpFZ2A8uH7G13uGsPHw6d_fWjmGS8WlDxvYyNrJ5PivT7
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 14 Nov 2023 01:30:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELpb7JO05wcuflV_fu8vspA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 1589
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=jZRbYXx6MDlkRTIwV1RJcmdKQXdvem93ejJiRVY1RC9hZFNSUVE2by9LWCtZWDFwRENuNlVBQVZQSjJEaEx0WW9VMUhFMFUydmFSUTBJcTloOUx1MnY5OSs2THVHTzFEcG53ZHJ5MUFqM2I3S2JQNjlqUG5neHNnVjZYaX...
417 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jZRbYXx6MDlkRTIwV1RJcmdKQXdvem93ejJiRVY1RC9hZFNSUVE2by9LWCtZWDFwRENuNlVBQVZQSjJEaEx0WW9VMUhFMFUydmFSUTBJcTloOUx1MnY5OSs2THVHTzFEcG53ZHJ5MUFqM2I3S2JQNjlqUG5neHNnVjZYaXVHcDQ1ODVkSXA1NDRKRDdHbmZRTXJoUzR6VS9yVk91bWUzQTF4UnlyNGJIeVA4QUJGTU1sZG9NY2JIbFM1Y2ZkWWRUVTB3U2U1bnZMK3Zvb3ZmWHk2bFkzdmxqYmVNRVhyaVI2T0JGakxaaytMbS9sVVNGVTlzcTJWMW9oMFUwb2hrTzhNUzlnTkgzODFCT0g1aGxDcWd5VHNtclNaUT09fA&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
89580acfeb91e447cf2baf895923452c9468724331bfe2c40db3a843731fc654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1310848
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=jZRbYXx6MDlkRTIwV1RJcmdKQXdvem93ejJiRVY1RC9hZFNSUVE2by9LWCtZWDFwRENuNlVBQVZQSjJEaEx0WW9VMUhFMFUydmFSUTBJcTloOUx1MnY5OSs2THVHTzFEcG53ZHJ5MUFqM2I3S2JQNjlqUG5neHNnVjZYaXVHcDQ1ODVkSXA1NDRKRDdHbmZRTXJoUzR6VS9yVk91bWUzQTF4UnlyNGJIeVA4QUJGTU1sZG9NY2JIbFM1Y2ZkWWRUVTB3U2U1bnZMK3Zvb3ZmWHk2bFkzdmxqYmVNRVhyaVI2T0JGakxaaytMbS9sVVNGVTlzcTJWMW9oMFUwb2hrTzhNUzlnTkgzODFCT0g1aGxDcWd5VHNtclNaUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
263606
content-length
0
expires
0
truncated
/ Frame D592 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
612d42439895e1c36809be63be5f032e857507cba763ba7daebd9d4a827c6a99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
sWQ2_2ddXFW.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ Frame E7A0 		0
0
truncated
/ Frame E7A0 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
JpAL-DGp_eM.css
static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ Frame E7A0 		0
0
znkvXUm4wFF.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame E7A0 		0
0
7mVAm5TtRCZ.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame E7A0 		0
0
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame E7A0 		0
0
bz
www.facebook.com/ajax/ Frame E7A0 		0
0
truncated
/ Frame 34F6 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c32d8ad2e6d94bacd6e3ed17ba214c88bebdb2202956af91b5e2a54473ea248

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 34F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-tLTCA-Hc1q8kzJTzsVPgxBO6XVaNmV3IEvq9G-HCaR16obmc2Ofb9J0A7s05Ck5LUdsG30okod3rn-7gW0zBbdSp7uzNezdBpqEDKoSev16nIFAWoDdkQaRCxBd5W-VUJXh1YvBFJZDZ-TwA9Kf4SZFBtU-_7p-kTjAsJQx1kcdcN6dDd9RN_D3mDgyjev8-5HIaKFtQ7thPuEbxtoLAjpi0AyHtDR7Kkt6oF0WEEeFZ8TgCkAWx7FIIw1E22k03N2tgmPLHQ5hMpEpq_pyXWRHDp_r2UWR3VITise7tSIYDFZ_iXTw5oZr2UfBm9W6_gVJDgu2dmuVAxTwZalRXVkvqeoFocnhL11s0k41i7JiSCapTg0HFvrfcnbWF&sai=AMfl-YRSHKENu70VzRs8NdTUC74Xcu9IMDEneaZRwgrv12eA9OPYU1kiS6of_IPVMHj9aBQ87-QRgPcTeOtSNR_HZMHeIPZjLNlKT8QVW1axhN_QIL9k8cyqjGgC7--_lcSRUfpbP_04GU6prj3VltRAc8w&sig=Cg0ArKJSzM8heJvPH-spEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Nov 2023 00:30:12 GMT
bframe
www.google.com/recaptcha/api2/ Frame 47FA 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3db39c0096778fa0380e297c95dd892a4fc92f0c924fec2e6f2dc9960352e851
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nO8dZkHuYOc8ybiMpr2_nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nO8dZkHuYOc8ybiMpr2_nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=3406.5592553558054&pid=5434&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
692f4a9505b8282e944f8f0a97b240a9326231159ad1cd337ea2569da4587920

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:12 GMT
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
IeoNGWjA4Yq2C53biXVTqvIX8iyWkGRwdHrmPA1CQNEp7M1NFUgNbQ==
mocpogo_01.jpg
asset.re-news.tw/images/ 		427 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.23.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:36:23 GMT
via
1.1 google
age
3229
x-guploader-uploadid
ABPtcPrhYbHLU2ERAXYxVGmWjhRvyOA4QkfFKBK37ig55zRApwgTi0UHdmY4kLru8s7qNBNLPKWvLHeAq8ubqcRexcj9
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
437364
last-modified
Wed, 18 Oct 2023 12:58:27 GMT
server
UploadServer
etag
"2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation
1697633907721269
x-goog-hash
crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type
image/jpeg
cache-control
public,max-age=3600
x-goog-stored-content-length
437364
accept-ranges
bytes
image_5030111_25280581.jpg
mma.prnasia.com/media2/2274655/ 		188 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2274655/image_5030111_25280581.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:eec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c89a1c6ef9d590bf73b12d90868ac887d79994c954822f9f0ea451c5aeebe92b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:12 GMT
cf-cache-status
HIT
age
29569
x-powered-by
ASP.NET
server-timing
intid;desc=e56d084b2bff62e4
content-length
192805
cf-bgj
h2pri
last-modified
Mon, 13 Nov 2023 16:12:30 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
825b24fecf24363d-FRA
access-control-allow-headers
Content-Type
expires
Mon, 13 Nov 2023 16:12:31 GMT
1699199927-f025a1ab07b12e6d532ca0a16289ab2b-840x525.jpg
img.gbyhn.com.tw/2023/11/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/11/1699199927-f025a1ab07b12e6d532ca0a16289ab2b-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f74ec3793708addfe58f063a36bbce4850757bc7249fab7c370bf683ef206f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143156
alt-svc
h3=":443"; ma=86400
content-length
83834
last-modified
Sun, 05 Nov 2023 15:58:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsnSFV3yZRvlEMx3C01RBe5yixuj95p%2B7VP%2F%2FsMYRxuuIYfgh9ZtLHm3MuEP5RYCrM9KtpMKuoSPH7Bsi1coP1mGk0EtHfPzIHCMKq9MtshAScekI6JdxXahnalhgLxpFksdt4HRFSuJgzn7IBHN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
825b25116bb26955-FRA
expires
Wed, 15 Nov 2023 23:16:09 GMT
%E5%87%B1%E5%9F%BA%E9%AD%94BUY%E6%82%A0%E9%81%8A%E9%88%A6%E9%87%91%E5%8D%A1%EF%BC%8C%E6%8C%87%E5%AE%9A%E8%A1%8C%E5%8B%95%E6%94%AF%E4%BB%98%E6%9C%80%E9%AB%98-4-%E5%9B%9E%E9%A5%8B-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/01/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/01/%E5%87%B1%E5%9F%BA%E9%AD%94BUY%E6%82%A0%E9%81%8A%E9%88%A6%E9%87%91%E5%8D%A1%EF%BC%8C%E6%8C%87%E5%AE%9A%E8%A1%8C%E5%8B%95%E6%94%AF%E4%BB%98%E6%9C%80%E9%AB%98-4-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9906749d3d93f871771cafb03841b7c7d6e223448af4201dfba6bc3d7f3e0555
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.hhn _atomic_ams BYPASS
alt-svc
h3=":443"; ma=86400
content-length
54060
x-nc
HIT bur 2
last-modified
Tue, 07 Nov 2023 02:33:28 GMT
server
nginx
etag
"f860f4f03d013e53"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Thu, 06 Nov 2025 14:33:28 GMT
2023111001105554.jpg
img.racingcharger.tw/wp-content/uploads/ 		195 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2023111001105554.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
a3c359c57252a61f72e4f11709d76a4ce815012984a4558f4eb46609ec30314b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:17 GMT
last-modified
Fri, 10 Nov 2023 01:10:59 GMT
server
Apache
accept-ranges
bytes
content-length
199972
content-type
image/jpeg
2023-%E5%8A%A0%E6%8B%BF%E5%A4%A7%E7%8F%AD%E5%A4%AB-Banff-%E6%97%85%E9%81%8A%EF%BC%9A%E9%A8%8E%E9%A6%AC%E9%AB%94%E9%A9%97%E5%88%86%E4%BA%AB-1140x570.jpg
www.rayskyinvest.com/wp-content/uploads/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2023-%E5%8A%A0%E6%8B%BF%E5%A4%A7%E7%8F%AD%E5%A4%AB-Banff-%E6%97%85%E9%81%8A%EF%BC%9A%E9%A8%8E%E9%A6%AC%E9%AB%94%E9%A9%97%E5%88%86%E4%BA%AB-1140x570.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.149.36.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.36.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
151dfaf662d4bceaea9790312beaf06e644cf1efed72a51ac2f0c75c10aa2e8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 14 Nov 2023 00:30:15 GMT
expires
Tue, 12 Nov 2024 16:22:59 GMT
last-modified
Thu, 26 Oct 2023 14:01:12 GMT
server
nginx
etag
"653a7128-1457a"
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
83322
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2800:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-mlgdc
date
Fri, 13 Oct 2023 11:19:08 GMT
via
1.1 google, 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
FRA6-C1
age
2725864
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
J9AGO7-3N4RaImzrY-StJ6d1xvajwojrxhRh-g0r0KxZFPRxuBwjUQ==
content-length
253615
wix-tracer
2Whs3ebFGWCmylTflCxOx4hE9el
2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:12 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
109448
x-nc
HIT hhn 2
last-modified
Fri, 13 Oct 2023 09:13:55 GMT
server
nginx
etag
"1682dec9dcf20555"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires
Sun, 12 Oct 2025 21:13:55 GMT
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:12 GMT
strict-transport-security
max-age=31536000
x-ac
2.hhn _atomic_ams BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Tue, 21 Nov 2023 00:30:12 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 2FF1 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 14 Nov 2023 00:30:15 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
activeview
pagead2.googlesyndication.com/pcs/ Frame 34F6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIUWOi1f2HI_cKt1CQexnZiV40XX59p9QJ_8gvV9BDpomF9Ku6NWCpWko04oyompBBxaapAgAEfbMeErEEla0keJ7UI8ukH-OoZXnkZ8aiWImgJlU5HCOMYcAue5ecqFxXanXCZ-k-NA&sig=Cg0ArKJSzOXuzykh_6qgEAE&id=lidar2&mcvt=1001&p=1180,1599,1181,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231109&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699921811644&rpt=416&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
float.js
s.trvdp.com/scripts/v5.832/ 		469 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.832/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 09:23:42 GMT
content-encoding
br
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified
Sun, 15 Oct 2023 15:13:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2387194
etag
W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
A0xTfF2Jg0LxOaNMUuVpL_FPq-XRuinj2WiQO46UBEquX_0EHs4Ecw==
Preset.js
ad.holmesmind.com/adserver/ Frame 690F 		824 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=13858
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
96328a3dbc2eab604776a954e29863f9660c74029e277d82fc524b7e5aaaef5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:18 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 47FA 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 21:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 21:52:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 47FA 		470 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192495
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 22:30:37 GMT
reload
www.google.com/recaptcha/api2/ Frame 47FA 		42 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33c70491ffd630eea528e50d58f77b7fbd062c11d9455314b323ecb30ea19eb6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 14 Nov 2023 00:30:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 14 Nov 2023 00:30:17 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3b81v897965293&_p=1699921810606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1007361067.1699921811&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1699921810&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=3&tfd=7957
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 47FA 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 09:41:47 GMT
x-content-type-options
nosniff
age
226110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 18 Nov 2023 09:41:47 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 47FA 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:22:46 GMT
x-content-type-options
nosniff
age
292051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 17 Nov 2023 15:22:46 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 47FA 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:43:50 GMT
x-content-type-options
nosniff
age
333987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 17 Nov 2023 03:43:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 47FA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
250334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 47FA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 04:11:16 GMT
x-content-type-options
nosniff
age
332341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 04:11:16 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 47FA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:52:48 GMT
x-content-type-options
nosniff
age
279449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 18:52:48 GMT
payload
www.google.com/recaptcha/api2/ Frame 47FA 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA63LrCir_qqYmNMT1dVxANFy7UGweYvUq2c3cBqRZ221hT6Gu3tUWMt0Lz4udI-ejW7kioNgsw8NKNu6i-biOfh_MeC5Nh3Y77WrePV7oi4LoedFODwKauM6yaj5JRJbtM07kY5hJnjyoWW0x0xltjSL26QPW_swRnaDkuDIKiulX50kc8y6oX7FEHr9wbtprMpTP3EIRdrVQaUYw98YOZbUe8x7A&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab11d6135fa97ed25f1d587b1bc32e1ac64e45774b44443b0e7d864e13861051
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:17 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 14 Nov 2023 00:30:17 GMT
cors
rt.ad-score.com/score/ 		52 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=DE&l4=desktop&l5=5.832&cb=0.6227717749200925
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 00:30:18 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
fbevents.js
connect.facebook.net/en_US/ Frame B896 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Nov 2023 00:30:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
YxZo4CMXpwQwN6ngTRuJrUoNU36yLgB8j2dKRNJZqEwIgNcW/mXl7u2q22nKdMwcKqVzfWh7zLCvTYkHfvJlIQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
t.ssp.hinet.net/ Frame B896 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
42055f6bbd7821b5b9744720802a476d3129e79e538b69f738b308e87d31b34c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:17 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
ads.js
ad.holmesmind.com/adserver/ Frame 690F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=16&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8500-6i6tdgStIr7EImht94YfqKBHUcggab2Q&fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
23b0d7aef7db2588fa552a9a15339b1580f8eb7d6793c51ee8ab1b277ddc5983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:18 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
publishertag.js
static.criteo.net/js/ld/ Frame 690F 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Nov 2023 00:30:18 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 690F 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 14 Nov 2023 00:29:29 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
58
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
NFjtHAVq4uDoX7oLszUNp3m7H6-vNL94jrjd_smOin9Z7KnjJj5wTw==
ucfunnel.js
cdn.holmesmind.com/js/ Frame 690F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/ucfunnel.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6215cea030001547475bd19ec624e50c85af367309e115d7813ae4eaff664d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
7FnOHKe__pwg0dVwIyTfAcdImUIZ6pwv
date
Tue, 14 Nov 2023 00:30:11 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 03:54:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
8
x-amz-server-side-encryption
AES256
etag
"8ebabc4e0b1d40fe52514166c7db7048"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2166
x-amz-cf-id
ZlggdIdYnfSpb-v-ukJF4ZqOs6sZ7qUQyIfDkGCDWR30rXXbBECQ_w==
cm
t.ssp.hinet.net/ Frame B896 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:18 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d.t.ssp.hinet.net/ Frame B896 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d.t.ssp.hinet.net/pixel?bd=1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:19 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
header
hb.aralego.com/ Frame 690F 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=zh-TW&je=1&dnt=0&adid=ad-E2B6A4DA7838884AF9E83E64D69E36D&u=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&host=reurl.cc&w=300&h=250
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/ucfunnel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:18 GMT
access-control-allow-credentials
true
connection
close
cdb
bidder.criteo.com/ Frame 690F 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&bundle=-jAINF9WMFJVZnpaUU9ZVFdzZGpoQXQyYkZDYlhVVktJRzEzNGxwUUFTTUg3SjlURWxya2Mwd2RDblJ1dzdmejdCOW9JZE04b2lZMjZaNkExUTl0Yzc5VVVITW9jRnpJbzBCVyUyRmtGTHNDMUxiVXVRR3YwdEI0Vmk3SE9rNXBDZFF1UzhvWGZGcVFsbHZnYW5kRWpjbnhCb2paQSUzRCUzRA&cb=29347313916
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
utag.js
t.ssp.hinet.net/ Frame 690F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:18 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 14 Nov 2023 00:40:18 GMT
events
bidder.criteo.com/csm/ Frame 690F 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:17 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 690F 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 08 Nov 2024 00:30:18 GMT
pixel.gif
static.criteo.net/images/ Frame 690F 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 08 Nov 2024 00:30:18 GMT
/
t.ssp.hinet.net/ Frame 690F 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
6f2027af7f0229d775c7133148333e1c003acef6732c99a12da1e6c683a4da4e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:18 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 690F 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:19 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame 690F 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=16&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8500-6i6tdgStIr7EImht94YfqKBHUcggab2Q&fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Tue, 14 Nov 2023 00:30:19 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
21
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
i_EKlt_hlzltuDXXSVm_5P2sUb9bKaIXpPZFkuKURGmzR0Qm-uCVeQ==
view
securepubads.g.doubleclick.net/pcs/ Frame D592 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssElSKSESlkCjIGaqcnMpns6dXT9HhBWpNC50dw8D98Co2C2V_PVyxayptmKXnSAfNWfcaXdIb0_IYJuqBGV9K5o1ajXnA-8pG6GsNMLCWxL1Nvz5_m9MsZj2r36yOB7o4hSWeu2SmZ3YbnxHtGV3PTurhuOdSHI9tLx8imrMvVr22Cc7R3jze_6CHv-gIM662f42zSkMtG4_3gFtqoAaH6adu04OpuGmI-JWrlUMh-nCyZDWeotW72LyIH3FDQEVL3WhCOR8xmYH6AES4zxsUe6L_JrH6XYnyXvR7__do8h5nNE0GyctDI7-TCFdamo2njwKGqINm9urLptbvnqwIECJroUV0o9OwMDhD4qQwR2RRCceLLHromKP3V0bI-aDcjLQ&sai=AMfl-YQBErjPt7ARbPLOWzTDqH_HqWJ00OSxsftX4QwTPZrf5aMpI8RsIdI0agHRf4aKbVmfXX1VjIwQWUci2UY1uQfqYctVp5BKNae_JvaIhL1-VTy48lj2tVZDlPVQfSywIftIQSs6GrbXAeA2TPNPwRM&sig=Cg0ArKJSzKIs0mGubnw3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Nov 2023 00:30:19 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9999486404371312&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cb99c9b67e4b722de05ac7b3cdca346387e52344c20aaddd4561d67c99deb37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12394
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 5B29 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:19 GMT
server
Kestrel
server-processing-duration-in-ticks
847307
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9999486404371312&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 00:30:19 GMT
sid
mug.criteo.com/ Frame 5B29
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=-jAINF9WMFJVZnpaUU9ZVFdzZGpoQXQyYkZDYlhVVktJRzEzNGxwUUFTTUg3SjlURWxya2Mwd2RDblJ1dz...
  • https://mug.criteo.com/sid?cpp=QpLPr3wvaUNFK2NtVlNNcGVMMUw3WWpHZWN4VVlvWThDSXVFaTdpK3NETDBid09xdkYvdWZCRjc5M3RyN3F2L3RGNnY1WGdDYzBxZ0dVZE1Ea2pqSHVwVW11eXVUbVNDUmMwMVc3RmVCMWlRd1BUQzFkRlN1SGh5RXIzT0...
433 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QpLPr3wvaUNFK2NtVlNNcGVMMUw3WWpHZWN4VVlvWThDSXVFaTdpK3NETDBid09xdkYvdWZCRjc5M3RyN3F2L3RGNnY1WGdDYzBxZ0dVZE1Ea2pqSHVwVW11eXVUbVNDUmMwMVc3RmVCMWlRd1BUQzFkRlN1SGh5RXIzT0hEZnptZVU1WmhKVXVHOTNYZ0V2NitJa2R6UXh4YmllYkRpc0xzazNXL1JjYTVvQnJ6a3ZOZnBCTTlja29NYVJrQnNVWFhYVUpmZUpUWVNiTm1Rbms3NGpIVnh5TGdCNzNyOFpKTjBQSUNCYjZGS013U1Y2SlhrYWV0NHM0SElzWXY1ZFJaNDlTVXdUNFhEdDlYQThsRkFVa2Nrb1EvZz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
534ee289bd1c92715ce8be648d22d9c3ee2c5383e4f49e0d554ffce7cf269289
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
920097
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=QpLPr3wvaUNFK2NtVlNNcGVMMUw3WWpHZWN4VVlvWThDSXVFaTdpK3NETDBid09xdkYvdWZCRjc5M3RyN3F2L3RGNnY1WGdDYzBxZ0dVZE1Ea2pqSHVwVW11eXVUbVNDUmMwMVc3RmVCMWlRd1BUQzFkRlN1SGh5RXIzT0hEZnptZVU1WmhKVXVHOTNYZ0V2NitJa2R6UXh4YmllYkRpc0xzazNXL1JjYTVvQnJ6a3ZOZnBCTTlja29NYVJrQnNVWFhYVUpmZUpUWVNiTm1Rbms3NGpIVnh5TGdCNzNyOFpKTjBQSUNCYjZGS013U1Y2SlhrYWV0NHM0SElzWXY1ZFJaNDlTVXdUNFhEdDlYQThsRkFVa2Nrb1EvZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
240432
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8672 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 23:43:48 GMT
expires
Tue, 12 Nov 2024 23:43:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 79C2 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4f258b5559b789e95a73c6318c79f8e2a37f58d713f2dadd40ebb60d81ed8935
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wuzAB89CJJP1DPb544tdjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wuzAB89CJJP1DPb544tdjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:20 GMT
expires
Tue, 14 Nov 2023 00:30:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 8672 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:50:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
23968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 17:50:52 GMT
init.js
cdn.holmesmind.com/js/ Frame A03E 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d66d050c1353eca80d839d1a923cc17dfa16e8c6269071a616913e6c48d527cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
VshDKnuHeNiMt59J2StfAXgq2H_4k9s3
date
Tue, 14 Nov 2023 00:30:11 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 07:42:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
39
x-amz-server-side-encryption
AES256
etag
"12ca9b8d762245204824a3562038d0e1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
bLdWAoElb3NiOhngxKmTxkvS7E7iKS4ojm02xfypThui9PcnWno3xw==
sodar
pagead2.googlesyndication.com/pagead/ Frame 79C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=1948896639116033&rc=05AKFjXw5mCj8Hb3zD408lCPghcSs76Bpthd9-wigtowp2JjgNOZl07VHrax3z-AOSVOBaO_4HhwUcluO5-l6OG36q07AP07pxL8xd94H1plDXbZ1MNxyI62m15wwKSbB5V2tNb-FKSJyPf67iK2_oFvTXC-uZpVo26e_r0tSQLkGuSG-bR6TBYx-gRA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
capmapping.htm
cdn.holmesmind.com/js/ Frame CE29 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14
content-length
9921
content-type
text/html
date
Tue, 14 Nov 2023 00:30:07 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id
7q2PIAGId8MS2q80T-pXh7DDoUMWpmCLRqKfhKdfKl_yM5ymy00FjQ==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 41D4 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e5ccb934b7fb2d827c2eff1da9e850fa47f110cef1064c9bae41469ada55873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
CQNrIqVBPqnnI6BhOVwGt1RB0UHwohqJ
date
Tue, 14 Nov 2023 00:30:13 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Tue, 07 Nov 2023 01:04:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
8
x-amz-server-side-encryption
AES256
etag
"0488690f87032d1d90b0072cd44d017d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
12113
x-amz-cf-id
SfBsiHqxjuDHq7wPKqWGUSX4CBuT992KByqbcrzCb9ainLH6H-W1Lw==
/
cm.lndata.com/ Frame CE29 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=719184-dEEu0w4oz86A0r7qWGnEQdosbMO5GSRu
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 14 Nov 2023 00:30:21 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame CE29 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.25.197 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-25-197.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:20 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame CE29 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame CE29
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=719184-dEEu0w4oz86A0r7qWGnEQdosbMO5GSRu&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=719184-dEEu0w4oz86A0r7qWGnEQdosbMO5GSRu&uu_m=undefined&google_gid=CAESELpb7JO05wcuflV_fu8vspA&google_cver=1
0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=719184-dEEu0w4oz86A0r7qWGnEQdosbMO5GSRu&uu_m=undefined&google_gid=CAESELpb7JO05wcuflV_fu8vspA&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:21 GMT
x-guploader-uploadid
ABPtcPqFhFk-_vgCWz2VSiuWOy07Iw0nT-3LhYEpRCCJDgbHcjnN971Ik7f0Z065b8SyH1yMqMuhLMThdCwuHnK0chGMlI-gBxYs
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 14 Nov 2023 01:30:21 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=719184-dEEu0w4oz86A0r7qWGnEQdosbMO5GSRu&uu_m=undefined&google_gid=CAESELpb7JO05wcuflV_fu8vspA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 41D4 		1 KB
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=13859
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
78967c1e05202db8b0e2377bc1db35160fb02bfc348b3de05a6cc8d33c35cd1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 8672 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OIZzwQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D592 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxjAnUbL_V0WcZqrLpf2V5er-DDyyMABxw4q79j6pvatOW6HmWftV7mWwa7b88vtpaoTLh8DXs5Idk5VmiovXyZRy5PTjd515UlgJKyHP7WjokoBpPyDsWJL8rwoBMBceqb7Ke2QzKtw&sig=Cg0ArKJSzGdkexKJIRsbEAE&id=lidar2&mcvt=1000&p=875,365,1125,665&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2988576075&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699921811458&rpt=8220&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 41D4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=632&o=1&fc=8500-6i6tdgStIr7EImht94YfqKBHUcggab2Q&d=1&b=2&ts=1&ii=2&FPCK=8500-6i6tdgStIr7EImht94YfqKBHUcggab2Q&fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7d17566ef48333ef71d68b52d894dfdd7033a071fcd1310c2e767119cf515f7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 41D4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Tue, 14 Nov 2023 00:30:22 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
eYWrbfOEQnEhyoRdEwH14jPG2oYLAh08ltBIITiuZcpwMECYB7ucTA==
publishertag.js
static.criteo.net/js/ld/ Frame 41D4 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Nov 2023 00:30:20 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 41D4 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 14 Nov 2023 00:30:20 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
60
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
63qKnNM4gUbjB7wAbuCqJPsPwDFuXie9I9iKQ5DmqH_NeLdOO6wqQA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 41D4 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Tue, 14 Nov 2023 00:30:10 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
10
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
gS2982DItClkrtjv-0_6-EKuXN__EFFS5W6sghAtZuGvMoENnXYlTg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 41D4 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
YYuAhwhSx_GsTeUJoqJMc_2F0T8dyIho
date
Tue, 14 Nov 2023 00:30:22 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 09:16:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
etag
"f06a16ff0c73f1550fb80377786b8f06"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6065
x-amz-cf-id
yOJUXNppHy4UUqthCzYlt2JuTjSDVzNp4DcZKY85eor7tpb26Rl3Sg==
ucfunnel.js
cdn.holmesmind.com/js/ Frame 41D4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/ucfunnel.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6215cea030001547475bd19ec624e50c85af367309e115d7813ae4eaff664d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
7FnOHKe__pwg0dVwIyTfAcdImUIZ6pwv
date
Tue, 14 Nov 2023 00:30:11 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 03:54:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
10
x-amz-server-side-encryption
AES256
etag
"8ebabc4e0b1d40fe52514166c7db7048"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2166
x-amz-cf-id
c37huv_Udff1jxYPvRgt4TmL7QTofwSzVFVZUYYZPTAV5fjm_WNZ0A==
header
hb.aralego.com/ Frame 41D4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=zh-TW&je=1&dnt=0&adid=ad-E2B6A4DA7838884AF9E83E64D69E36D&u=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&host=reurl.cc&w=300&h=250
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/ucfunnel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:20 GMT
access-control-allow-credentials
true
connection
close
prebid.aspx
prebid.scupio.com/recweb/ Frame 41D4 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5812692171383442
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 14 Nov 2023 00:30:21 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
syncframe
gum.criteo.com/ Frame 8B8F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:19 GMT
server
Kestrel
server-processing-duration-in-ticks
913082
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 41D4 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&bundle=EBSkx19WMFJVZnpaUU9ZVFdzZGpoQXQyYkZGNkVXTVlPJTJCMjF3Y21rTGNqJTJCWFR2NyUyRmxpUUJ4SFFnRDk1aHFpaERoUmJGNFNlYzZzVnBKOTBvWEJXdWFPcWtTOHk3MUhNSiUyRmpRVG9kTWdiZnBlNFBLTm9lSHZWYlVwJTJCQUdYdGJzTVhxb1dhZUh5aWh0UjVHRWczVnVVSkR1UTlRJTNEJTNE&cb=88438734324
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:20 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
utag.js
t.ssp.hinet.net/ Frame 41D4 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 14 Nov 2023 00:40:21 GMT
events
bidder.criteo.com/csm/ Frame 41D4 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:20 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 41D4 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 08 Nov 2024 00:30:21 GMT
pixel.gif
static.criteo.net/images/ Frame 41D4 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 08 Nov 2024 00:30:21 GMT
sid
mug.criteo.com/ Frame 8B8F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=EBSkx19WMFJVZnpaUU9ZVFdzZGpoQXQyYkZGNkVXTVlPJTJCMjF3Y21rTGNqJTJCWFR2NyUyRmxpUUJ4SF...
  • https://mug.criteo.com/sid?cpp=rLAkbHxaNXJPYktrdDlPRDZOT0w3SVhRN3VRWGpKeDNOK0pub3JIZjZuSVljcnlLRUU2MWRxZGVNYkhXQWlIeGVXdWtwbEh1ZGpVNDQ1NGt0UkxocExTV1E4WTQ3OHNiMkM4bzhZT1ZHTGJaU0owZHZNSCswdHFrU09WNX...
435 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rLAkbHxaNXJPYktrdDlPRDZOT0w3SVhRN3VRWGpKeDNOK0pub3JIZjZuSVljcnlLRUU2MWRxZGVNYkhXQWlIeGVXdWtwbEh1ZGpVNDQ1NGt0UkxocExTV1E4WTQ3OHNiMkM4bzhZT1ZHTGJaU0owZHZNSCswdHFrU09WNXMxZmQ0cjdRdk1lTEVLNEJ2OVhzazlmQ2VZTVV1MDdhSTZDNzc3Y3A5OTNFWHg5Mjg5NllDTGdSVkUrcTllaGFXeFBtUk9yaFFhRFN5WEhqVUoyL2NBenpqRUtCbmQ2OWV4ejNmZ3hiUkVhNUozTEhjY1NRcE92RmoxT0UzNTFBS3NVTXlJdGwyUE9lWk5mZkwvNi9qOW94eXBvaHMxQT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1c3b1a5b3fcdec08a8dfac5e9f026435092f19891698510d1547f06ebdfa4b31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
724241
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=rLAkbHxaNXJPYktrdDlPRDZOT0w3SVhRN3VRWGpKeDNOK0pub3JIZjZuSVljcnlLRUU2MWRxZGVNYkhXQWlIeGVXdWtwbEh1ZGpVNDQ1NGt0UkxocExTV1E4WTQ3OHNiMkM4bzhZT1ZHTGJaU0owZHZNSCswdHFrU09WNXMxZmQ0cjdRdk1lTEVLNEJ2OVhzazlmQ2VZTVV1MDdhSTZDNzc3Y3A5OTNFWHg5Mjg5NllDTGdSVkUrcTllaGFXeFBtUk9yaFFhRFN5WEhqVUoyL2NBenpqRUtCbmQ2OWV4ejNmZ3hiUkVhNUozTEhjY1NRcE92RmoxT0UzNTFBS3NVTXlJdGwyUE9lWk5mZkwvNi9qOW94eXBvaHMxQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
277231
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=1948896639116033&bg=!-_il-LfNAAZxrfrxUa07ADQBe5WfONPCDYOZbGBvYn0vzeG4T-gllWsFINto27cCVH267cFynvOhXId_MM03sKNtYPC3AgAAAOxSAAAABmgBBwoABGb3PYuZArIvuzY1H4elKU-LJKEdcFMFAkPDhnL7XPyJgwhu6R1fKXBd_XLAMqeIJRpXI5Tgblqs8rkM-1nWZAlLRE8W0eivzKdwaHihT_WO2LJZBgCnkau5ZWnZ5y-GkHOeMYPjiFzcHDGYCIZnlTYBigVj8LZggGaWd5GYPSxjs_ppjJ5HY8LXx00VQ1SdDAPSP7oztuvVEtTGSHWC8YvvJnCKhO_oRToSPvlyL3H9Pzjy7MUD1QGEw-TBsPp4lCt0Vnm__uh5GUbCDi1gSpB_zunZphr1lFE3iLV3AD7uZfejCYsnEoO6G-rnKmu5QOntiWRyicSRolingUfTjrjbwqD538Dt818ymcTCBsNVgSO_4vXJXkLLjaYhQwBJTxlFhOrkpqfds1FNo-EpiYrB3HYccFhsjYW8R3zahA_CJeN8qbQMv4eHgkFc8OH2WxS15J6AJSjnveJBk7IPXhs2qRpqBKpOHTRDhxFH-X4wvUoUywRf0f-5GyWYtw0qnvbUO0CmqRGyRyHUe3uEfAQW4Uvu1xKO0nhxqZdOJgAH5UW2f3cVXaaj2cIGiMJUOP6kgpu9yVCo5mG6WhcadnWMN9F9T6ZGW7WNRlXFfxGlI1z93S6PeQFdTGL71dO-sjA4-D-fsG6bm-Ub_4AYabihvlzlPOTGShALjDK18JQip07Tsond53qghxxbtZDkT_E7QSlqDO3LvEP7fWrJmo4ZczcNnWddN2vBub8Rf564PFNlsKWEA4z2Ozd4FuKgLwBeN4Bsl6god-EazQt4JxF7syrh6R8bYFu_Nu_WVvmRvT-Ku086Dl5kgRkaFpFQ2sbnxIdF_qHKJEb_PTK929_At2sot8VmeUbDewgwLGoDb0l17_lsNaECh8iX37BHnb1NqkCnFmyxFpPuP-U5kx9QjTTizzd48Js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
drawV2.js
cdn.holmesmind.com/js/ Frame 41D4 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=632&o=1&fc=8500-6i6tdgStIr7EImht94YfqKBHUcggab2Q&d=1&b=2&ts=1&ii=2&FPCK=8500-6i6tdgStIr7EImht94YfqKBHUcggab2Q&fp_uuid=8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Tue, 14 Nov 2023 00:30:19 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
23
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
yVhK1h0uATWLrgEREgMtt6MVee75w3qgjEEqsL3cIZ8t2IBVra0daQ==
/
t.ssp.hinet.net/ Frame 41D4 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
6f2027af7f0229d775c7133148333e1c003acef6732c99a12da1e6c683a4da4e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 41D4 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/main/tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 14 Nov 2023 00:30:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 41D4
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=EkVFZ37gAMCJtDMzn79SZQ
0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D3D0 		102 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbf9f253a9d2241b64cfeec31ec6f7f3c6fefab85593c1856bf1ebfbe9e037a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31826
x-xss-protection
0
server
cafe
etag
797 / 19675 / m202311090101 / config-hash: 2459397958677358047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 00:30:21 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame D3D0 		429 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
4365
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 12 Nov 2024 23:17:36 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame D3D0 		40 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3446375665308635&correlator=3587216306304784&eid=31079527%2C31079576&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13859&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D2dd3d7d397253c87%3AT%3D1699921811%3ART%3D1699921811%3AS%3DALNI_MapNvWwD0jaJ-APKbUky_y9RE6C9A&gpic=UID%3D00000cc395fc31d2%3AT%3D1699921811%3ART%3D1699921811%3AS%3DALNI_MYmV09d4KWGhTY9_KVctl5nthwoPA&abxe=1&dt=1699921822131&lmt=1699921822&adxs=365&adys=875&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=y6vny0g4905v&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=5&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ref=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&top=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1007361067.1699921811&ga_sid=1699921822&ga_hid=1965178725&ga_fc=true&dlt=1699921821865&idt=246&adks=4136938775&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7353a345612e6e295bbf3916a51433ff4ce43681d6ea1df4c49593527e37fb96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16459
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D3D0 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccf6f68aa8635a27b366271922532885bab581a3364d347aeb2f7660a633085d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12289
x-xss-protection
0
container.html
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B4E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:22 GMT
expires
Wed, 13 Nov 2024 00:30:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D3D0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 00:30:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0431 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2794
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 23:43:48 GMT
expires
Tue, 12 Nov 2024 23:43:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 92A5 		829 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11a9eedfc3ff54f76035e66b7fdfd934792f68fe9a8868aac90368b6fea5e866
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_qd7jS6tG2KhQKQVSDRq7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_qd7jS6tG2KhQKQVSDRq7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:22 GMT
expires
Tue, 14 Nov 2023 00:30:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 0431 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:50:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
23970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 17:50:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 92A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=3446375665308635&rc=05AKFjXw5mCj8Hb3zD408lCPghcSs76Bpthd9-wigtowp2JjgNOZl07VHrax3z-AOSVOBaO_4HhwUcluO5-l6OG36q07AP07pxL8xd94H1plDXbZ1MNxyI62m15wwKSbB5V2tNb-FKSJyPf67iK2_oFvTXC-uZpVo26e_r0tSQLkGuSG-bR6TBYx-gRA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
container.html
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 929E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/main/tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 00:30:22 GMT
expires
Wed, 13 Nov 2024 00:30:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 0431 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tc6Aug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D3D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=3446375665308635&bg=!SUqlSgXNAAZxrfrxUa07ADQBe5WfOP_r1WC2zjMl-XJ4gGT6P5rXrDoYvNw8YqHgmHDp6bk3C7-s0GufEJ_Iayrc9DPlAgAAAI9SAAAAB2gBB5kDHf4pWGlg9hDxzlEGzVDXxUf5Q-HolsYTTlz4laGgAezelZ7zKGFBsZprn-861rT1pqVZA_9pBQ-3h7vuM_fJ4a9gMhPbmNsj2LDK6fFu5kCNwXfKppauf35bmLXEIH99xJuPom1HiV5GSLSvTCtEcetqeT2otyP5EXVMDI1sYYpeixKUtbECIIsHdUGbqvNGzks190DTjZq6E3yTlD7FQfZ5G71FJ4_ghWw6KloPDV1caRI7GL14lxfJpDhcz5qyNU2Qh8sgcMydk113SZerr3QlRpeK1AfRkYB6g8LSpjYubHquIpTwFnZoDeXNUsDfddyoADpcZPAeV1Bg5gtdcnO0cfO_YCeZCQv_aAlSZaV8-uNWnOx0KmkOtj7xrpl7pD9wchqNkACIr-BBLJNmdSrFYLI3a_0ZlE2Hgyz3AYAxXpaq7d9bzQmSlLezqRyOLws6YMq6o05VKQOuey6C9vSVZcgCWl0Ug52ATmlL7TFmERthtaYSg2HeL31ok-nWT-nHZadukUxNCKpSRnW64Z0mcIYrfKi610E5QL8BPGwiPWgsK3st3k1DOX87m41Zwqc-ja6iuI7BXO9MpRFCymPy4CfgFa4L77ebRg7nlPBekfSUiAbGxSaV_kW0sl5VN0yLum39FZrV_bCKJWMAftr27UIYsjPj0gCxs3ro8z5f-hCtwQK9a8ZWf6zjjWVZO_yO2wie27BePx4K_SDzWH3RindO9v9CXWPti-4RNfq4DYUuyTiNLnQKKKFMizq3atDKY6MTsC67X_QOPKuMqI0lYGplRogpq16a6R3nJTTLUoD1WMl-e0YF3ZdKwxT-m1LjAUihsD7ZfD2WGRpufRuprj3mfsLU_HiYvSGrSrporPIF7CPd2HXyG561qBn-RDSNRXXHSaA7UWNXkOkAbXorjmFGPKfMvaFhLEMknzgZUBEYjcAQuepFEfMcRMIvXE4iWM1dgZtUmhh5qCKnqDO61SGIcx2tonsG96Awipj6bwLPl4l3c_BWLLRvJFdX9xEKmE__w1Bj5Gc6ibryDLgw9JS0Djqc_UmYWiPH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/main/tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
creative_add_on.js
cti.w55c.net/ct/ Frame 929E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0w3MTcw&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ciu=XROhqscfgR&btid=RjlEMEUwMkVDNDU2Qzc0NkNCMjQ0NzBEOEMyQjFCNUV8R0ZNb0hVaXRnYnwxNjk5OTIxODIyMjgxfDF8WG1KVFAyNDVlMHxYUk9ocXNjZmdSfDM5NDU4NDA4MV9FWHw1MzQyNHx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=reurl.cc&cip=1&hmt=1&uidu=CAESEH6g4vIZJqR6GVLEYVXWRHU&spidu=GOOGLE&pidu=7170&hmpvu=ab487980-4c7c-429a-af1e-9c7f48b75e3e&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3e00:3:4706:a6c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding
br
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
date
Mon, 13 Nov 2023 08:00:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
343370
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"a6c8a5bdec77729759b220b95bf503f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
0NgdnJnLu_5gNrm9OUc73XKOkRv0w4f-M97OZ3t4FGPz9AbhFbZnRw==
XassetCEYbEcSW.png
ads.w55c.net/t/d/ Frame 929E 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.w55c.net/t/d/XassetCEYbEcSW.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RjlEMEUwMkVDNDU2Qzc0NkNCMjQ0NzBEOEMyQjFCNUV8R0ZNb0hVaXRnYnwxNjk5OTIxODIyMjgxfDF8WG1KVFAyNDVlMHxYUk9ocXNjZmdSfDM5NDU4NDA4MV9FWHw1MzQyNHx8fHwuMFB8VVNE&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xm5m1vekkx&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ts=1699921822283&c=DE&r=BW&m=0&pc=74343&epid=R0w3MTcw&mi=d2Vi&wp_exchange=NWP
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:1b:f040:3600:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
pTSK_3aD6MH1NhuW2vrruciFx4wLs9g_
date
Mon, 13 Nov 2023 04:36:39 GMT
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
71625
x-amz-server-side-encryption
AES256
x-amz-meta-width
300
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
65085
x-amz-meta-height
250
content-length
65085
last-modified
Wed, 03 May 2023 17:26:36 GMT
server
AmazonS3
etag
"38988cf71c0e9e66d0bb0693f05250c3"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
hQswNeSDO-gINZAG5A-uDdCTFnX1ABihNoWZ3i7GTwVkl9mpwPA29A==
pixel.php
t.hspvst.com/ Frame 929E 		95 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=1064573950858648
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 -, , ASN (),
Reverse DNS
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 00:30:23 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Fri, 11 Nov 2033 00:30:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 929E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 10:30:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
50413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 10:30:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 929E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 03:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
74091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 03:55:32 GMT
l
www.google.com/ads/measurement/ Frame 929E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVc9eSunIkkoeXzCN3RFQqfas3j6VVYjs7Tk0Dkk4XIs2_Engj86f2P9fpOPbea9IYpy46HB12RiqQmSjaqpoAgNJCag
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 929E 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
340517
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Nov 2024 01:55:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 929E 		192 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61843
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 00:30:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9DE8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Tue, 14 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 929E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c67d4e070855d67a200d9b1b5660c38d341d9cd866d624fc3a6be617034987e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 929E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGuSMnr9SZabFC4L3gAentJKgA7qItI9cnNfu7qkIwI23ARABIABglYr8gZQHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQngAgCoAwHIAwKqBPYBT9CNMKXCmmxiTOxUI1aWm4ZhFfsRJTSOoD8dKW8grBvffw0ColtXNrsEqWyC8sxSnAnbxYq_JPVyZ7k3x1052YRUpylnccEXoVI0w7uCNb7_dCixDlPIjY9qE1yxQP9GKaSH_YlGIPbGCru3fp9NzZoje6hzYgUQxrc0iXekz9IuhUBbDiXxv7maBb1JFkKNtw2US4T9Amt-MFfnfS4GtnjiEGZDwPPdmxO7KXx2pCdNEkn1IxsefEl_84DZSlpojvusacUEaNynpiEqN6-wPBQtBG8Gze2vzFwo_07w2-d4wLEOft9azeoE0x8sAQheei7hth6C4AQBgAaq0LPj0JH3j7kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=ucAIstN-siw&uach_m=[UACH]&cid=CAQSOwDICaaNCIGHeNQQaKdHE3Z0Gm39wz0SntYKl9eZfx9KleKMKrq9lvW_Pu-zyizwI4Q_hk3uJ0BOqp12GAE&cbvp=2&vis=1
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
a.gif
i.w55c.net/ Frame 929E 		0
0
cs
ad.turn.com/r/ Frame 9DE8 		0
0
dpixel
cms.quantserve.com/ Frame 9DE8 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHrTj-2r-3ni_q8NljuVpJs&google_cver=1&google_push=AXcoOmS8UYNPbo3PS3A8gpPiNNwubYijG7yV2sVntIuYfZwJwouz2LNDBV-i5Dp9SKA8YT9PBg327xEAZlvxTbJ3yV0ALULemxFoBg
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:30:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DE8
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDbHQtdLCQyxKf_iN3Mn5pI&google_cver=1&google_push=AXcoOmTIl96j6qQicu5PneDN9z_IX0afJlwOIbjXUw0Bp5GYUKoMGkXNf0GqIhZ4DVwOHpP_7XB4QD-a0hTucG6Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YxYcFYhWS_8qOtRqEPSNjA&google_push=AXcoOmTIl96j6qQicu5PneDN9z_IX0afJlwOIbjXUw0Bp5GYUKoMGkXNf0GqIhZ4DVwOHpP_7XB4QD-a0hTucG6Y2qPy6V1Ln28C
0
0
google;c
d5p.de17a.com/cookies/ Frame 9DE8
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGlF2-WRDIqQNi3wlUcp_r4&google_cver=1&google_push=AXcoOmTQuEvYtstzYU517MkGZWwiAtrAj5f5OYJX5mj06E6q789bm6RXiATOm-EDTkUc8v61T43xmBXj19teXRKmvY-MP5I...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGlF2-WRDIqQNi3wlUcp_r4&google_cver=1&google_push=AXcoOmTQuEvYtstzYU517MkGZWwiAtrAj5f5OYJX5mj06E6q789bm6RXiATOm-EDTkUc8v61T43xmBXj19teXRKmvY-MP...
0
0
pixelmatch
ap.lijit.com/dsp/google/ Frame 9DE8
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGkmCPmorEOQWLKjJEuFZDQ&google_cver=1&google_push=AXcoOmSKFAD1VtNXq6bPylvydlbYESaXLXyqXwCFXWcH36do4Yp2OL1gRX3kszvvtrbhGEPGPC76a7VMkEEG7nyoM...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGkmCPmorEOQWLKjJEuFZDQ&google_cver=1&google_push=AXcoOmSKFAD1VtNXq6bPylvydlbYESaXLXyqXwCFXWcH36do4Yp2OL1gRX3kszvvtrbhGEPGPC76a7VMkEEG7nyoM...
0
0
ebda
match.360yield.com/match/ Frame 9DE8 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEB4UwrRKgD-nz6O8sPDp9_A&google_cver=1&google_push=AXcoOmTqpfWM-WghQPY5mdjeswpg_ZyL0G5xYNiQAX9vxLhzYfIXBaJU_d6Nj0J5CDrV57XL8k7nGEjkJP0-BH1morwrzGRUjv6H4Q
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.50.150.248 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Nov 2023 00:30:24 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
supply
eb2.3lift.com/sync/google/ Frame 9DE8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFhgbpNBB7dZs38fjQWH6rU&google_cver=1&google_push=AXcoOmROzzAI3TeOAObdtpGDpNrTvSwb6kHrIH0OCtZAEUSmdWPi3BHGuQlAXtXRY4NBvGKJAGxmmHyIc4wiZ7AwTl5CZ4IPmjXJ
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmROzzAI3TeOAObdtpGDpNrTvSwb6kHrIH0OCtZAEUSmdWPi3BHGuQlAXtXRY4NBvGKJAGxmmHyIc4wiZ7AwTl5CZ4IPmjX...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9DE8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTQRiX2TmFrp48gdMAsNm7kQMOEaYUVBMrrM31cpCzn0zfJNBbXHoLBeAWLQZrW26d9acl
Requested by
Host: c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
URL: https://c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:30:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/sWQ2_2ddXFW.css?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/JpAL-DGp_eM.css?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/znkvXUm4wFF.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/7mVAm5TtRCZ.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19675.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7301108581444530173&__req=4&__rev=1009868551&__s=%3A%3Aja7uoa&__sp=1&__user=0&dpr=1&jazoest=21863&lsd=ZXqJGEbVeLPb30KKRvYs-y
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=EkVFZ37gAMCJtDMzn79SZQ
Domain
i.w55c.net
URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RjlEMEUwMkVDNDU2Qzc0NkNCMjQ0NzBEOEMyQjFCNUV8R0ZNb0hVaXRnYnwxNjk5OTIxODIyMjgxfDF8WG1KVFAyNDVlMHxYUk9ocXNjZmdSfDM5NDU4NDA4MV9FWHw1MzQyNHx8fHwuMFB8VVNE&ei=GOOGLE&wp_exchange=ZVK_ngAC4qYK4DuCAASaJ22tCucU91Nrm1P7Ig&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xm5m1vekkx&fiu=WG1KVFAyNDVlMA&fid=XmJTP245e0&sd=reurl.cc&s=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ts=1699921822283&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=BW&m=0&pc=74343&rnd=1064573950858648&epid=R0w3MTcw&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU1ocWFxcHZ5RQ&l=emh8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=1&euid=Q0FFU0VINmc0dklaSnFSNkdWTEVZVlhXUkhV&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=G_mwAgI0iI2byp-2Q292Vw&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&az=europe-west1-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEH6g4vIZJqR6GVLEYVXWRHU&spidu=GOOGLE&pidu=7170&hmpvu=ab487980-4c7c-429a-af1e-9c7f48b75e3e&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFC674s7yaz6sHzZ9ZO9hHs&google_cver=1&google_push=AXcoOmR5us_whC9UbqUtULBXZeUtaxAej439Uu6IRJD0xU3u2DJdPKIk_p5yl_z2MGgEBEG4PYFDcZPOCJEn_xcTMC6sfroHXJYOPw
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YxYcFYhWS_8qOtRqEPSNjA&google_push=AXcoOmTIl96j6qQicu5PneDN9z_IX0afJlwOIbjXUw0Bp5GYUKoMGkXNf0GqIhZ4DVwOHpP_7XB4QD-a0hTucG6Y2qPy6V1Ln28C
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGlF2-WRDIqQNi3wlUcp_r4&google_cver=1&google_push=AXcoOmTQuEvYtstzYU517MkGZWwiAtrAj5f5OYJX5mj06E6q789bm6RXiATOm-EDTkUc8v61T43xmBXj19teXRKmvY-MP5IGhMDp
Domain
ap.lijit.com
URL
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGkmCPmorEOQWLKjJEuFZDQ&google_cver=1&google_push=AXcoOmSKFAD1VtNXq6bPylvydlbYESaXLXyqXwCFXWcH36do4Yp2OL1gRX3kszvvtrbhGEPGPC76a7VMkEEG7nyoMimdxRHq7Y7T&sovrn_retry=true
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmROzzAI3TeOAObdtpGDpNrTvSwb6kHrIH0OCtZAEUSmdWPi3BHGuQlAXtXRY4NBvGKJAGxmmHyIc4wiZ7AwTl5CZ4IPmjXJ&google_gid=CAESEFhgbpNBB7dZs38fjQWH6rU

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| gtag object| dataLayer object| adsbygoogle function| $ function| jQuery object| bootstrap function| Vue object| VueQrcode object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| app object| renews function| getRenewsFeeds function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| axios object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| saveAs function| saveTextAs function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| closure_lm_75277 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| brWidgetInit object| truvid_protected object| GoogleGcLKhOms

33 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AKFjXw65a_Up1IAfUuHO1_xZqyXZRfO0mj7yL-eGdpBsQNidhvRotCa_lu486v36W5kAUNReK8RNhiXbXEqXQLg
reurl.cc/ Name: clientIdV2
Value: cffba54ebbd5e8cf93ab7eac0b739a60ac3da09c38f872229856212d063f0d8dc24c236a822342e5448e7c32202900b79953ffef00d0dd2f64fb826ac1c15c26d74dc0ca39637b578b704271
reurl.cc/ Name: clientId
Value: cffba54ebbd5e8cf93ab7eac0b739a60ac3da09c38f872229856212d063f0d8dc24c236a822342e5448e7c32202900b79953ffef00d0dd2f64fb826ac1c15c26d74dc0ca39637b578b704271
reurl.cc/ Name: lang
Value: tw
.reurl.cc/ Name: _ga
Value: GA1.2.1007361067.1699921811
.reurl.cc/ Name: _gid
Value: GA1.2.540399222.1699921811
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _fbp
Value: fb.1.1699921811218.162351090
.doubleclick.net/ Name: IDE
Value: AHWqTUkrdFsZuXpmQBeFfTPhTsD57R3Yr-Ebwj7wv8AQmHr1zlY6DFfdZHvESSqGpIw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.reurl.cc/ Name: __gads
Value: ID=2dd3d7d397253c87:T=1699921811:RT=1699921811:S=ALNI_MapNvWwD0jaJ-APKbUky_y9RE6C9A
.reurl.cc/ Name: __gpi
Value: UID=00000cc395fc31d2:T=1699921811:RT=1699921811:S=ALNI_MYmV09d4KWGhTY9_KVctl5nthwoPA
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1699921810.1.0.1699921811.59.0.0
.criteo.com/ Name: uid
Value: f76628a5-9a7e-4697-84da-7c3190d86ac4
.openx.net/ Name: i
Value: 5f43ff68-8f76-4b8d-9bbd-ef3bab4f1090|1699921811
.prnasia.com/ Name: __cf_bm
Value: 3EMOyignKiJwF1CRVA0bFEJbmzIky17NmvoZbldu9Dc-1699921812-0-AfwCA3WK5pEgnTWwsr8ZOE8CaARFbDDGt2LXeeOc6LIx2Ynb6Ap33DAi1U9jIY9gIqmjVBIZB+8kfWk021vhVDs=
.holmesmind.com/ Name: P
Value: 719184-dEEu0w4oz86A0r7qWGnEQdosbMO5GSRu
.holmesmind.com/ Name: Vision
Value: 20231114-23:59,20231114-11,20231114-11,20231114-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: fcm
Value: 1
.lndata.com/ Name: admckid
Value: 2311140830171398885
.hinet.net/ Name: uuid
Value: 1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d
.reurl.cc/ Name: CFFPCKUUID
Value: 3310-lpfn2Ee2AoL7thDOGiLPPfnaqBb8fbnO
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 8500-6i6tdgStIr7EImht94YfqKBHUcggab2Q
.reurl.cc/ Name: FPUUID
Value: 8500-7607fb2b932e0f71ebc845f7bb52b8b5ac9f4444e047f35ed68cf2c9d93cfa2a
.reurl.cc/ Name: __htid
Value: 1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: cto_bundle
Value: i5WxiF9WMFJVZnpaUU9ZVFdzZGpoQXQyYkZGSW1WWnclMkJrWDklMkZ2YUp0ZFBWdFhCRVZuVVh1TGhBSWl6UyUyRllaRmxyTXlkcncwS2dwSWVJJTJGRWFaanJHN3RLV1Y1YlJ2dU1EWVRCTzgybWlMTzZ3VGNzVFc4dWJmQ1ZLV1FIWUJ4a29HTFYzaElibndySE1EZFZoUHNtSW9WTFclMkJ3JTNEJTNE
.reurl.cc/ Name: _ht_hi
Value: 1
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d776f8f-e3c9-43dc-9957-cdfd8d0ca66d.t.ssp.hinet.net
712cbcb39354d81d29ccd65183f99df2.safeframe.googlesyndication.com
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
ads.w55c.net
anymind360.com
ap.lijit.com
asset.re-news.tw
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
c14431c93fa191d9c973c3e3d47a20c1.safeframe.googlesyndication.com
cdn-ima.33across.com
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cms.quantserve.com
cnt.trvdp.com
connect.facebook.net
creditcards.com.tw
cti.w55c.net
d5p.de17a.com
eb2.3lift.com
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i.w55c.net
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
m.holmesmind.com
match.360yield.com
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
region1.analytics.google.com
reurl.cc
rt.ad-score.com
s.trvdp.com
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
t.hspvst.com
t.ssp.hinet.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
ad.turn.com
ad2.apx.appier.net
ap.lijit.com
cm.g.doubleclick.net
d5p.de17a.com
eb2.3lift.com
i.w55c.net
static.xx.fbcdn.net
www.facebook.com
103.132.192.30
116.50.36.71
13.113.25.197
13.113.7.192
13.32.99.3
142.250.181.226
143.204.215.16
143.204.98.125
151.101.1.55
154.58.197.185
162.210.196.208
172.64.152.89
192.0.77.2
192.0.78.187
192.0.78.25
2001:4860:4802:32::36
203.75.214.136
210.59.219.34
2400:52e0:1e00::1080:1
2600:9000:2057:2800:1e:5c56:d400:93a1
2600:9000:206f:b600:1b:f040:3600:93a1
2600:9000:2250:4600:0:e06c:e940:93a1
2600:9000:2251:3e00:3:4706:a6c0:93a1
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6811:eec2
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:400c:c0b::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
34.102.146.192
34.117.23.234
34.120.135.53
34.149.36.179
34.149.98.30
34.95.67.231
34.96.70.87
34.98.64.218
35.185.130.121
35.201.76.93
35.208.216.174
35.227.249.156
35.244.196.223
52.192.254.229
52.50.150.248
54.73.167.29
61.216.47.122
65.9.66.122
65.9.66.66
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
084b66d058a7471423c598dd8095baa9df556bc68ca17911fa181360c0c5148e
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
11a9eedfc3ff54f76035e66b7fdfd934792f68fe9a8868aac90368b6fea5e866
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
151dfaf662d4bceaea9790312beaf06e644cf1efed72a51ac2f0c75c10aa2e8c
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bee388c13b47b1eb689659a0069a14e157753398b86a1b11933e3ace8deb92a
1c3b1a5b3fcdec08a8dfac5e9f026435092f19891698510d1547f06ebdfa4b31
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
23b0d7aef7db2588fa552a9a15339b1580f8eb7d6793c51ee8ab1b277ddc5983
29153c60b594167ed55c3d2c1bb3e430b98d14f38216694703feaeda56a797ca
29e111f5157f6db8aa56f9949e8389ad3aaac0ff9b40d144041839e39d7edbc4
2ef51c9964d695f70064527941258a28c78c6e74ead2898ed97fab9c2f0b1cca
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
33c70491ffd630eea528e50d58f77b7fbd062c11d9455314b323ecb30ea19eb6
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71
39d446fc3fb117c98b8f8a3b71487ff7f11be7ac8833dee8d8e5f8d86d73e6a4
3c32d8ad2e6d94bacd6e3ed17ba214c88bebdb2202956af91b5e2a54473ea248
3db39c0096778fa0380e297c95dd892a4fc92f0c924fec2e6f2dc9960352e851
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f352d99570c28d81e952f0ee25c39dafab4e3922a2580fe044cfe01db38ab26
42055f6bbd7821b5b9744720802a476d3129e79e538b69f738b308e87d31b34c
440b431e1cb78883e1afbeb37de130406aef2c1cbd16b399a7f4b3f7b097475d
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4c67d4e070855d67a200d9b1b5660c38d341d9cd866d624fc3a6be617034987e
4cb99c9b67e4b722de05ac7b3cdca346387e52344c20aaddd4561d67c99deb37
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f258b5559b789e95a73c6318c79f8e2a37f58d713f2dadd40ebb60d81ed8935
503a774bf20bd3971bbd7fc68f61f36d22ec220c0e76740634ea69e598de8d6d
51f74ec3793708addfe58f063a36bbce4850757bc7249fab7c370bf683ef206f
5226f0c1cb4086dbf80f23302f95c797ac20de1d386df35475fdad398487de5b
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
534ee289bd1c92715ce8be648d22d9c3ee2c5383e4f49e0d554ffce7cf269289
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7
5e5ccb934b7fb2d827c2eff1da9e850fa47f110cef1064c9bae41469ada55873
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
612d42439895e1c36809be63be5f032e857507cba763ba7daebd9d4a827c6a99
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eb289cae69868d1c355989f903cfdb129b2407595b7051dbe54cfc1dbd3c42
6215cea030001547475bd19ec624e50c85af367309e115d7813ae4eaff664d32
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
67082e98d79aa4792e6599bed6131d0510af19d36b0f95c48f9396801de9a428
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad
679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef
692f4a9505b8282e944f8f0a97b240a9326231159ad1cd337ea2569da4587920
6a9063ae02774e12a558214f2693e25c1b114826ca1875ab4a5ebbc6c37b6b92
6f2027af7f0229d775c7133148333e1c003acef6732c99a12da1e6c683a4da4e
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
72e78ede6ea1410d9a9f9ddb2fd655c9ac5283853118e72ba8dfe7f695c4e8f4
7353a345612e6e295bbf3916a51433ff4ce43681d6ea1df4c49593527e37fb96
73c7b835eb22fe56030c51e53a6d60ffcc31e6d7321d2c8283fd4450502bd46a
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78967c1e05202db8b0e2377bc1db35160fb02bfc348b3de05a6cc8d33c35cd1f
7ad443ebb19fd107858ac4944e5cba2defd6e71f60e105d517a6f02ce2b50ba7
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5
7d17566ef48333ef71d68b52d894dfdd7033a071fcd1310c2e767119cf515f7c
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
80056dd737175ce31fe366e66e4d6ed6d0cf38425fc8fc478791b894c2091480
80b37dddaa8871f85ffc188bd3afce855b66aa4ce23e7cb07c4eee6e0c31d77f
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89580acfeb91e447cf2baf895923452c9468724331bfe2c40db3a843731fc654
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
96328a3dbc2eab604776a954e29863f9660c74029e277d82fc524b7e5aaaef5b
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9906749d3d93f871771cafb03841b7c7d6e223448af4201dfba6bc3d7f3e0555
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf7a78aee25831462944d12274fa09185d53bb0dae8de5a6cd67e67cad9c8ee
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a0ca3dda62ca775febb7bb6dfc425136e86934e149e63ef82df5263eb886e4a6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1f14dbba4a024c805fd35a6b7c26a2c588a573e016823d0145607a742015ee6
a3c359c57252a61f72e4f11709d76a4ce815012984a4558f4eb46609ec30314b
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
ab11d6135fa97ed25f1d587b1bc32e1ac64e45774b44443b0e7d864e13861051
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23ac362567cca60783ea53b670e4c1b89b7681ca3bc412aa1a627b59bd7bb1a
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bb9297a72403105c23970666e8496459900c88d46145f542b2dec778833d4f03
bbf9f253a9d2241b64cfeec31ec6f7f3c6fefab85593c1856bf1ebfbe9e037a6
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c6d70e06fe41214ac2b19a2f783cdb9394036867ea87ee39c48e7ed8f370c9cf
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c89a1c6ef9d590bf73b12d90868ac887d79994c954822f9f0ea451c5aeebe92b
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca01e71d19cac479f63dbe05af40eccbb1876a181144f20b379b2b3a0f28cf18
ccf6f68aa8635a27b366271922532885bab581a3364d347aeb2f7660a633085d
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d0965efaf89d450c3a7fe584903fe8b87dcbf1e7a9a32028d4c77513d8e871be
d3870b8eb9c163df41da9404ff99806a385c846d10ecd6bb404beda59470adc8
d53564927a9df8cb75782a1d760ea4465adbe62a6e5cce8d85774ee3311a21f3
d66d050c1353eca80d839d1a923cc17dfa16e8c6269071a616913e6c48d527cb
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e1d1649412fe22c67266784bef13ad9d6658505a83a1a1cc81f555807bd403b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9685c588da94d0c4b0ee88b43cf80da52fd32761ceb79851d4f802acc1ddfd2
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09be930447af6bbff6ea23dce23ee0dc302ce038770481d2674e9247c5c7710
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f82a282830621fb7fdc3d1f8793e016dbdedb75da94c52eabbf33036ff69de16
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fd545b920599d2b5b2ec1dccca5a4b3f384e3a8d33fe2d898b3a0e84f7e4515a