reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://reurl.cc/
Effective URL:
https://reurl.cc/main/en
Submission: On June 30 via manual (June 30th 2022, 9:42:24 pm UTC) from US — Scanned from US

Summary HTTP 246 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 53 IPs in 4 countries across 42 domains to perform 246 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 218275.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1 1	138.199.40.58 138.199.40.58	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2600:9000:216... 2600:9000:2162:e000:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
35	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 6	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
5	2600:9000:202... 2600:9000:202c:ae00:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.78.135 192.0.78.135	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3034::ac43:961f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:43a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.236 192.0.78.236	2635 (AUTOMATTIC) (AUTOMATTIC)
1	34.102.176.152 34.102.176.152	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
5	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.117.59.235 104.117.59.235	16625 (AKAMAI-AS) (AKAMAI-AS)
5	54.238.107.229 54.238.107.229	16509 (AMAZON-02) (AMAZON-02)
6 15	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
3	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
6 12	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
6 6	172.105.235.90 172.105.235.90	63949 (LINODE-AP...) (LINODE-AP Linode)
4	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
2 4	68.67.179.135 68.67.179.135	29990 (ASN-APPNEX) (ASN-APPNEX)
4	34.117.219.39 34.117.219.39	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	74.119.119.129 74.119.119.129	19750 (AS-CRITEO) (AS-CRITEO)
4	13.112.127.33 13.112.127.33	16509 (AMAZON-02) (AMAZON-02)
1 2	199.115.117.82 199.115.117.82	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 2	210.59.219.175 210.59.219.175	() ()
4	143.204.146.9 143.204.146.9	() ()
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
10	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
2	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2002	() ()
12	2607:f8b0:400... 2607:f8b0:4006:821::2006	() ()
3 5	104.18.18.126 104.18.18.126	() ()
2 2	104.66.251.81 104.66.251.81	() ()
1 1	74.121.140.14 74.121.140.14	() ()
1 1	104.45.178.220 104.45.178.220	() ()
2 2	135.148.35.200 135.148.35.200	() ()
1 1	174.137.133.49 174.137.133.49	() ()
1 1	34.225.205.223 34.225.205.223	() ()
2 2	35.207.24.140 35.207.24.140	() ()
2	142.250.65.226 142.250.65.226	() ()
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	() ()
246	53

8 35.185.130.121 (Taipei, Taiwan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:80e::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.40.58 (New York, United States) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-40-58.datapacket.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:9000:2162:e000:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:202c:ae00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.135 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:961f (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:43a6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.59.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-59-235.deploy.static.akamaitechnologies.com

static-tagr.gd1.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.238.107.229 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.32.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.96.119.68 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.105.235.90 (Tokyo, Japan) 6 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1889-90.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

tw-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.135 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com

fp.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.112.127.33 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-127-33.ap-northeast-1.compute.amazonaws.com

ccm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.115.117.82 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::c (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (None, ) 1 redirects

ASN- ()

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.146.9 (None, )

ASN- ()

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81e::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.96.200.41 (Norfolk, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2001 (New York, United States)

ASN15169 (GOOGLE, US)

f25fe1c71078ecfa622f900009c1dbd5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:821::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.66.251.81 (None, ) 2 redirects

ASN- ()

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.14 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.45.178.220 (None, ) 1 redirects

ASN- ()

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.148.35.200 (None, ) 2 redirects

ASN- ()

c.us1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (None, ) 1 redirects

ASN- ()

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.205.223 (None, ) 1 redirects

ASN- ()

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (None, ) 2 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.226 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 132990 fcm.holmesmind.com — Cisco Umbrella Rank: 133075 c.holmesmind.com — Cisco Umbrella Rank: 99184 adcdn.holmesmind.com — Cisco Umbrella Rank: 132236 ad.holmesmind.com — Cisco Umbrella Rank: 90055 m.holmesmind.com — Cisco Umbrella Rank: 214879 fp.holmesmind.com — Cisco Umbrella Rank: 128422 ccm.holmesmind.com — Cisco Umbrella Rank: 260856	205 KB
35	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 84669 28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net	25 KB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 f25fe1c71078ecfa622f900009c1dbd5.safeframe.googlesyndication.com	534 KB
26	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads4.g.doubleclick.net	206 KB
18	appier.net 12 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 37324 gocm.c.appier.net — Cisco Umbrella Rank: 2352	3 KB
12	2mdn.net s0.2mdn.net	157 KB
10	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 744 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	16 KB
9	reurl.cc 1 redirects reurl.cc — Cisco Umbrella Rank: 218275 storage.reurl.cc	19 KB
8	scupio.com 1 redirects prebid.scupio.com — Cisco Umbrella Rank: 59979 rec.scupio.com img.scupio.com bw.scupio.com Failed	23 KB
7	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 92	2 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	127 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
4	aralego.com 1 redirects ads.aralego.com — Cisco Umbrella Rank: 33203 sync.aralego.com — Cisco Umbrella Rank: 2245	2 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	79 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	4 KB
4	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17702	680 B
3	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 6191	45 KB
3	mookie1.com static-tagr.gd1.mookie1.com — Cisco Umbrella Rank: 40206 tw-gmtdmp.mookie1.com — Cisco Umbrella Rank: 347679	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	dyntrk.com 2 redirects c.us1.dyntrk.com	1 KB
2	owneriq.net 2 redirects px.owneriq.net	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	9 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	747 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	33 KB
1	jquery.com code.jquery.com	33 KB
1	yieldmo.com 1 redirects ads.yieldmo.com	468 B
1	adkernel.com 1 redirects dsp.adkernel.com	540 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com	462 B
1	mathtag.com 1 redirects sync.mathtag.com	861 B
1	googletagservices.com www.googletagservices.com	43 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 532	5 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5126	1 MB
1	alphaloan.co blog.alphaloan.co	180 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3319	27 KB
1	racingcharger.tw img.racingcharger.tw	120 KB
1	gbyhn.com.tw img.gbyhn.com.tw	63 KB
1	creditcards.com.tw creditcards.com.tw	52 KB
1	re-news.tw storage.re-news.tw	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 9565	723 B
0	googleapis.com Failed fonts.googleapis.com Failed
246	42

	Domain	Requested by
33	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
28	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
20	pagead2.googlesyndication.com	reurl.cc pagead2.googlesyndication.com ads.aralego.com tpc.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
15	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
12	s0.2mdn.net	reurl.cc s0.2mdn.net
12	ad2.apx.appier.net	6 redirects reurl.cc
10	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
8	reurl.cc	1 redirects reurl.cc
7	28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net	cdn.holmesmind.com reurl.cc t.ssp.hinet.net
6	gocm.c.appier.net	6 redirects
6	c.holmesmind.com	1 redirects cdn.holmesmind.com reurl.cc
6	cdn.jsdelivr.net	reurl.cc
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ad.holmesmind.com	cdn.holmesmind.com reurl.cc
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	adcdn.holmesmind.com	cdn.holmesmind.com
4	img.scupio.com	reurl.cc rec.scupio.com code.jquery.com
4	gum.criteo.com	2 redirects static.criteo.net
4	ccm.holmesmind.com	reurl.cc cdn.holmesmind.com
4	bidder.criteo.com	static.criteo.net
4	static.criteo.net	cdn.holmesmind.com reurl.cc
4	fp.holmesmind.com	cdn.holmesmind.com
4	ib.adnxs.com	2 redirects static-tagr.gd1.mookie1.com googleads.g.doubleclick.net
4	prebid-asia.creativecdn.com	cdn.holmesmind.com
4	www.google.com	reurl.cc tpc.googlesyndication.com googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
3	cdn.aralego.net	reurl.cc ads.aralego.com
3	m.holmesmind.com	cdn.holmesmind.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	www.google-analytics.com	reurl.cc www.google-analytics.com
2	googleads4.g.doubleclick.net	reurl.cc
2	rtb.mfadsrvr.com	2 redirects
2	c.us1.dyntrk.com	2 redirects
2	px.owneriq.net	2 redirects
2	sync.aralego.com	ads.aralego.com
2	mug.criteo.com
2	rec.scupio.com	1 redirects code.jquery.com
2	ads.aralego.com	1 redirects ads.aralego.com
2	prebid.scupio.com	cdn.holmesmind.com
2	static-tagr.gd1.mookie1.com	cdn.holmesmind.com
2	www.facebook.com	reurl.cc
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	connect.facebook.net	reurl.cc connect.facebook.net
1	code.jquery.com	rec.scupio.com
1	ads.yieldmo.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	sync.mathtag.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	f25fe1c71078ecfa622f900009c1dbd5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tw-gmtdmp.mookie1.com	reurl.cc
1	static.xx.fbcdn.net	www.facebook.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.wixstatic.com	reurl.cc
1	blog.alphaloan.co	reurl.cc
1	i0.wp.com	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	creditcards.com.tw	reurl.cc
1	storage.re-news.tw	reurl.cc
1	cdnjs.cloudflare.com	reurl.cc
1	cdn.rawgit.com	1 redirects
1	storage.reurl.cc	reurl.cc
0	fonts.googleapis.com Failed	img.scupio.com
0	bw.scupio.com Failed	img.scupio.com
246	66

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
re-news.tw
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2022-05-06` - `2022-08-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-09` - `2022-07-08`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2022-06-30` - `2022-09-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.ssp.hinet.net	`2021-10-12` - `2022-10-12`	a year	crt.sh
tls.automattic.com R3	`2022-05-18` - `2022-08-16`	3 months	crt.sh
*.gbyhn.com.tw E1	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-30` - `2022-10-27`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
static-tagr.gd1.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-03` - `2022-12-01`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-13` - `2022-11-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://reurl.cc/main/en
Frame ID: 0E6074B3E860087D80D6B905986409B3
Requests: 47 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 0AF60AB7F9D44D07EAA15BDF9A697F03
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 360E697EB878C5649D3C3AC191732F1D
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: DC38ECD6442CD4093BD88035FF8B1D37
Requests: 13 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 731B149325A4E720F8AEB5E07F8E052A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 15C1CF1350BA5BFCEAE0B05345B706D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1004948140419605&output=html&adk=1812271804&adf=3025194257&lmt=1656625339&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656625339078&bpp=3&bdt=454&idt=301&shv=r20220629&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=274280369543&frm=20&pv=2&ga_vid=1674439292.1656625339&ga_sid=1656625339&ga_hid=1902698968&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067527%2C31062930&oid=2&pvsid=2352599408283853&tmod=313680082&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=322
Frame ID: 75CBE2652451E58AC278A99932BDB998
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 1AEA0006E3A5FAAA11E57E26F580AA07
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 1D7709046C7886AF528ACDD4BDDC8B0E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 90B54D8E144BABEA29C7064B4E1C3EB7
Requests: 2 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: F071D189094CBACC7C1F512D2ED75D9D
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&CFFPCKUUID=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&maindomain=reurl.cc
Frame ID: 9A1AAF3DFA7C42125706967C72BC7BE9
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&CFFPCKUUID=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&maindomain=reurl.cc
Frame ID: 0ABF37A3F506EA11F72538D052DA7199
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: B2C837D66868E0415B99345AC40AAF06
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 55E9D76BB3C952DA4B63CAB79C88DD2A
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: EDC163D6E05635740B86D7E3A29231EA
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: E64A257FB78EF987DFFBE6B349E20BC2
Requests: 20 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: A9A10F0103D0C3692AABD1F91426BE23
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 2DFB8CB49DF7C05FFB4111F41E625130
Requests: 22 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&CFFPCKUUID=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&maindomain=reurl.cc
Frame ID: 5A011DF0B3F478B9ACDAAC35C3F469DE
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&CFFPCKUUID=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&maindomain=reurl.cc
Frame ID: 2F1AF8B9E17BBDF717B502E3D66D02C0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 1B21992DCEED2067CB50ADE69A547EC9
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 5225975A5DA8C46532B15AA0CB9F452E
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 265AE015859895F1CFD254AA67EDA37C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE075C76573E93CAD4C790347EB49F07
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CFB0BCE37674E845740481BAC49F508F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: FBC7F9DFA9B35D913A309492433ADA75
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: DF42AD342C73861C2CBB7E08231CBFB9
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 56166F7493AF2576E178C9D448E42102
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242779&pi=t.ma~as.2784%2F13802&w=300&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656625342748&bpp=17&bdt=271&idt=175&shv=r20220629&mjsv=m202206270101&ptt=5&saldr=sa&cookie=ID%3Ddc01047ff7d83bfa-224fd8c042d30022%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZQyFBKr277imZ91sPCH8xcQoK-UQ&gpic=UID%3D0000063a4617efb8%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZdCwRSXLq7Q7Ddrnjb6yx_Nuz7kA&correlator=274280369543&frm=23&ife=1&pv=2&ga_vid=1674439292.1656625339&ga_sid=1656625343&ga_hid=1975221430&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=319788758&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44766558%2C42531605%2C42531607&oid=2&pvsid=559565331182305&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9dywiak6eq07&fsb=1&dtd=187
Frame ID: 703893E8AF952E3814601F27E481EB23
Requests: 14 HTTP requests in this frame

Frame: https://f25fe1c71078ecfa622f900009c1dbd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: E643537A0B419E712040EE683EF13020
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCqpPCiAxi6kKnJATAB&v=APEucNXMp7L7JMGYMCJvnUtKyy6fkaVOZMfXw4huFbaJNE4tc9aZcI673vEl4PuvjRvkaYvB32Xl1lrSdICQdGosC70Zzq4uJg
Frame ID: 1EECF9AF09AAAD1901ACE9A53488986D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 70645FC61F10C8F5E36052DDA1146E0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B73A52CDA19DAEEC81A952456F600188
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 260009A7159D41D94B82AF6667167E54
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C2DDDB701E4654C71642D2CA996DFD78
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
Frame ID: D492FE3DA4EA171D79544462EC89FDC4
Requests: 11 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: 999DBD46F421117441A3BD531429C2A1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

URL Shortener - reurl

Page URL History Show full URLs

https://reurl.cc/ HTTP 302
https://reurl.cc/main/en Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

246
Requests

88 %
HTTPS

36 %
IPv6

42
Domains

66
Subdomains

53
IPs

4
Countries

3247 kB
Transfer

5529 kB
Size

35
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://imgus.cc/
Title: Imgus

Search URL Search Domain Scan URL

URL: https://youtils.cc/yt-dlp/main/en
Title: Download youtube

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: what is utm?

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/274698

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/39562

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/28642

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/3123

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/24662

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/62ac3baf046fbcdeb316da93

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: Emoji

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: Geo IP

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: Big5/GB Converter

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QR Code

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: Length Converter

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: Taiwan Stock

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: Word Counter

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: Password Generator

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: Date Calculator

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: Lunar Calendar

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://reurl.cc/ HTTP 302
https://reurl.cc/main/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Request Chain 27

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1

Request Chain 65

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1

Request Chain 116

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

Request Chain 117

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

Request Chain 133

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

Request Chain 134

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

Request Chain 135

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

Request Chain 154

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 159

https://rec.scupio.com/recweb/js/rec.js HTTP 301
https://img.scupio.com/js/rec.js

Request Chain 162

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=HLIupnxJWWdlS0U0M3RvMFp3clJHajBNUnkvbzU2cjdwTlk0b1M1czZ1ck1CemsvWWZMZEpoeWNBWGNZODJtdTVwM1IvR1NzMnlvemdJNjJOZnJlbVhCODBobHBLSHdTQUNlTHJBb3F2SldDbEt2VzBDcFI1NTBJSTU1TzkybUVQUUJFaXlFaHN1QS9RTFJGTW4zYUxBMzlhRjZrcG54SVJ5QVJHcjFJMTdjVGZZRGlnSDNCRnptc3ZuWGN1L2N5ZzZ2eUQ1VnJZQ250RHZ0ZlBZZEZ6TEl0WlRBOFZXNmJNRmZ3dkZodWkrYU16Mmc0TUtXSXkvcVZMQjBOQVVDNWtmaWxMRkpUOGpqK3VDY2dOcW1KUHZueVJMdz09fA&cppv=2

Request Chain 173

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=TQ8ayV9oUEpRamZ1VGNvY3JjTWhrWk8zV3p2UXdOcXVqdSUyRkclMkJuTEclMkZRWlNUbXN3eU16JTJCeGxwb1VpaENIUjZMd1olMkZ4UTFMRjJYUklqZEZ6c0pSY29nY2RPSnliJTJGWWpWOGlPeU1ZUW5NY0ZpOHdNYTBYa00yd29IM1hzMG91b2NCVEp1JTJGdHJoRXRZcUtXTjVFMWNYUnE1d2cyUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=411d-3x3MWJaWUE3S3ZTdFRwSDJkZjg5ZU1rT3A5YVFyNWl6UnlncC9VMzVMQmg4bmJHWTNHS0dLdWEyNFNLY0d5Q0hwZUR2YkNWVzMraDI5blhtSWxGOVhaR2hUUmpxRTQvOEZpa3VDTkhuZDdBdWI1a3p5NHhkQkpVVXlzZW5sVklqZGJRendQSGNWVU9kV1F3cHJFK3ZLQWVQSjgzUDZIRXJKMXhWOWJxbTBqU1VjYkNyWG1zVWEzTWFBeTZ1NnZpRSsxS3R2b2lOdEt5a2FucWtISDRsaW5BQXVGM1ZNT0JtcFg2OG00eWgrVDVrT1hHTHZ0dEJMOTk3aU8wYktYZEEzZWZHTE8xdjNwMHlkWGVkUUVhbUd4dz09fA&cppv=2

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1&C=1

Request Chain 203

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr4Yv9pDOTXRWhibtOAmcAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMaoiuXWSrOAmsfFjLhfE6U&google_cver=1

Request Chain 205

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTQzMjY5MTE1NzYzNDMyNQ%3D%3D

Request Chain 210

https://px.owneriq.net/ecmg?google_gid=CAESEDNU4Pimp-gs-joqFsTLXJk&google_cver=1&google_push=ARnp8GCPosS0dHirlgyBrSMAzmJ7duzOYN9alRhc7a75TW7yE3aJrmFm5gDwdJtKW-ajYbGGR982dC158YIhY1bo174uz-6R4TlS HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dARnp8GCPosS0dHirlgyBrSMAzmJ7duzOYN9alRhc7a75TW7yE3aJrmFm5gDwdJtKW-ajYbGGR982dC158YIhY1bo174uz-6R4TlS%26google_cver%3d1%26google_gid%3dCAESEDNU4Pimp-gs-joqFsTLXJk%26google_hm%3dUTcwOTkxMTc0MzE5NDMwNjgzNjY%3d&uid=Q7099117431943068366&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ARnp8GCPosS0dHirlgyBrSMAzmJ7duzOYN9alRhc7a75TW7yE3aJrmFm5gDwdJtKW-ajYbGGR982dC158YIhY1bo174uz-6R4TlS&google_cver=1&google_gid=CAESEDNU4Pimp-gs-joqFsTLXJk&google_hm=UTcwOTkxMTc0MzE5NDMwNjgzNjY=

Request Chain 211

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPK52E4d5YNP9NU3ZU44Sxw&google_cver=1&google_push=ARnp8GDHJMRbbCDmFiofxpNBhaLbhUBdR-fhXyCYy8MHq_qF7MWYLAEkyHpTyyz9H9dW4CfkKmZ2trBTcyHa93Gw-uzSkofvPTU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDHJMRbbCDmFiofxpNBhaLbhUBdR-fhXyCYy8MHq_qF7MWYLAEkyHpTyyz9H9dW4CfkKmZ2trBTcyHa93Gw-uzSkofvPTU

Request Chain 212

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGJ3_8GcsNiG8BhkaDI6jwg&google_cver=1&google_push=ARnp8GASwWdy_y9a8OQoQe0nuaTJ-jLt1JKwAPrThmJzJjS_DJJMG7ZFNisEd2lCFj4VoCa4CrpTZ_VI9Kl9vF9tjwM3YqqzINxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MTdmOGQyYTEtYjljNi00MDM3LTg3NWUtMWM4NGZmYjA5OWVj&google_gid=CAESEGJ3_8GcsNiG8BhkaDI6jwg&google_cver=1&google_push=ARnp8GASwWdy_y9a8OQoQe0nuaTJ-jLt1JKwAPrThmJzJjS_DJJMG7ZFNisEd2lCFj4VoCa4CrpTZ_VI9Kl9vF9tjwM3YqqzINxU

Request Chain 213

https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEPe5qC_5DdZn7NdMpmvTAx8&google_cver=1&google_push=ARnp8GBk0wskr0VJGGPCzwpY9AQKoZVYuCdn4SJz7dMgScwMM2zONKZysooQuhHJVsAXOPgJ3Hkt7JNoV6eeeWErmEX70EGcQ_yF HTTP 302
https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEPe5qC_5DdZn7NdMpmvTAx8&google_cver=1&google_push=ARnp8GBk0wskr0VJGGPCzwpY9AQKoZVYuCdn4SJz7dMgScwMM2zONKZysooQuhHJVsAXOPgJ3Hkt7JNoV6eeeWErmEX70EGcQ_yF&prevuid=06030001_62be18bfee156&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=ARnp8GBk0wskr0VJGGPCzwpY9AQKoZVYuCdn4SJz7dMgScwMM2zONKZysooQuhHJVsAXOPgJ3Hkt7JNoV6eeeWErmEX70EGcQ_yF&google_hm=MDYwMzAwMDFfNjJiZTE4YmZlZTE1Ng%3D%3D

Request Chain 214

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKlUa4yIe_DdhdjKNZhAlGI&google_cver=1&google_push=ARnp8GDhTzaVr9TKywB35QrGxfzC4bmdtWlR59LJZy_edrnhxr6abHUThI7i5abgAd9tAxS7UWlBm-gmxyIJww_yQXnS6BBT0q-W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTYxNjA0MDc1Njk0Mzg0NDQ1NjE&google_push=ARnp8GDhTzaVr9TKywB35QrGxfzC4bmdtWlR59LJZy_edrnhxr6abHUThI7i5abgAd9tAxS7UWlBm-gmxyIJww_yQXnS6BBT0q-W

Request Chain 215

https://ads.yieldmo.com/exptsync?google_gid=CAESELOLmCxT98bLtX_Kj9TCBn8&google_cver=1&google_push=ARnp8GDzi92v98Z7wRssny5Rez9TcvvSKMBv88DYor1h6Jan-8LK3lWICCn37YLJviOeADtheWGUXSd_aSuegrd6VS46GUU7wWPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ARnp8GDzi92v98Z7wRssny5Rez9TcvvSKMBv88DYor1h6Jan-8LK3lWICCn37YLJviOeADtheWGUXSd_aSuegrd6VS46GUU7wWPg&google_hm=ZzNjMDQ0Y2Q4OWY4ODE5Y2ExMmI=

Request Chain 216

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEMoe6uOgy8X3DqBBmeUgYWA&google_cver=1&google_push=ARnp8GAspP7o0mry-3NUOjmjOBABASbLV3hMaTOAgqbK13IL5t9OrWKkJGAQzsJXVJFFVjn4BkkVELfIOKJP8jTDhetvmzwjS51zUQ HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEMoe6uOgy8X3DqBBmeUgYWA&google_cver=1&google_push=ARnp8GAspP7o0mry-3NUOjmjOBABASbLV3hMaTOAgqbK13IL5t9OrWKkJGAQzsJXVJFFVjn4BkkVELfIOKJP8jTDhetvmzwjS51zUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RGrn3V3XSvaLqQvipOWRBA==&no_redirect=1&google_push=ARnp8GAspP7o0mry-3NUOjmjOBABASbLV3hMaTOAgqbK13IL5t9OrWKkJGAQzsJXVJFFVjn4BkkVELfIOKJP8jTDhetvmzwjS51zUQ

246 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en Show response
reurl.cc/main/
Redirect Chain

https://reurl.cc/
https://reurl.cc/main/en

13 KB
4 KB

186ms
186ms

Document
text/html

35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 756efd9fbbdf83c3337fd83e88bb9e48410931d4446850c597710fed4c9cb4c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 21:42:18 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

content-length: 31
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 21:42:18 GMT
location: /main/en
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
24 KB 130ms
49ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8770669
x-jsd-version: 4.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19127-FRA, cache-mdw17367-MDW
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CU5nutxxsZsPHItUK%2Bsrfqb%2BvhF7V%2Fu9bzWPVW7RVkK2ol9KCIBgqK8UyLUNMHrl%2BEYVn30HSpmvZ7wK75uzlRv0EXOhAVcN3SCdtzBeM6oJrvoQgs2Mh4VFKYkJdkbWNdFmCQlaB5VYwHLAb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 723a122f0f112919-ORD

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 3 KB
1 KB 109ms
28ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 17:49:06 GMT
via: 1.1 google
last-modified: Thu, 05 May 2022 00:38:33 GMT
age: 13992
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=28800
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1091

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 172ms
72ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1004948140419605

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d3709f16009ae2d03520b6032674fd905fd85243fc707c781a67297b3bcbb9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56385
x-xss-protection: 0
server: cafe
etag: 6651519055282664426
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 21:42:18 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 470 B
559 B 184ms
184ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-1d6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 30 Jun 2023 21:42:18 GMT

GET
H3

200

clipboard.min.js Show response
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

11 KB
4 KB

35ms
34ms

Script
application/javascript

2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7507233
x-jsd-version: 1.7.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19138-FRA, cache-iad-kiad7000123-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dCPjiK9s3Nq6GwYZtU8%2BF8P%2BCCEWL7n9IU60dUSyUQvyvNw3huj7fkUz28MGd5aM9z4Kmk9jmU0hZ%2FR9nCUNdpMloEXlNW0V1ttdfyvj4m9wJsGOK8fVp2dZ%2BnuiumAXDtWV50d95%2BNxeHhk2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 723a1230dc2b6350-ORD

Redirect headers

date: Thu, 30 Jun 2022 21:42:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 885
age: 44474
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 06/30/2022 21:42:18
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 113
server: BunnyCDN-NY-885
x-served-by: cache-fra19174-FRA, cache-chi-kigq8000057-CHI
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: EXPIRED
vary: Accept-Encoding
cache-control: public, max-age=2592000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: dd9cb910766e1fd8ee9f4259465acd61
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 96ms
40ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3724949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4224
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VA4dX2xAVm4G%2Fa0K219CXErWMGxOX8NAf9ypZbE3wep6OzW7PWZb4wlNyhBEZbQqPjUSXqJw%2F0Y3B2FZtOPvmrqsizjkf1EGS7Wcen5YEVn9V3yn7ZmMEY%2BL4R62HjNu0X3XhFjLdpDfLlBN6xqEF5%2BC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 723a1230084c2cdd-ORD
expires: Tue, 20 Jun 2023 21:42:18 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@9/dist/ 65 KB
18 KB 46ms
44ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 43000
x-jsd-version: 9.17.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-mdw17320-MDW
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"105f5-IoZ47xa2VqsB8s6EqlY9hdo2pRY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqyBNEx%2BAodR%2BciBy079bRPTHK8sH%2FBIgX3MUlUgnBFuutedOBiuB6MKHs066TYAj82MROezsYRp6WXDkNwNAmy6ScCsnS89KKGpmWsJV2nsg8hgwBEsoIW9RBZf9apgeBSNQ1YQ8N%2FFzcwmayg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 723a122fb8392919-ORD

GET
H2 200 FileSaver.js Show response
reurl.cc/javascripts/ 12 KB
4 KB 186ms
184ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/FileSaver.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f3481bf12191837d5e19d9526f18fd20fc88395a403c1a0b098eeef10a7f56ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-2fce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 30 Jun 2023 21:42:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 169ms
69ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

820360cb8edd61a2c26690730f947fd1e8866700a32b7679006cbc9b25a93ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56414
x-xss-protection: 0
server: cafe
etag: 14373292110468328118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 21:42:18 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 86 KB
31 KB 153ms
73ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8770817
x-jsd-version: 3.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-mdw17334-MDW
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIEPBeSFaI%2BK1q1Pr3UaHbVAVpZvOnO94zO%2B%2FjMrnQ1WKnw%2FHJcq18ER%2FCtFUpixJMGK4Lb0XW7HBvKZK25epdiE5Sg3OQWwTUqW%2FrU1hErzcuZInpC7sGnB4xI5%2ByQb1%2FdVebp6lu7YMZ5IJd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 723a122f0f152919-ORD

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 59 KB
16 KB 136ms
56ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8770473
x-jsd-version: 4.4.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19149-FRA, cache-mdw17373-MDW
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKIzQbo3867jKTLAqFWHw5tfLrgNigeT4wxKoBpiSjPh7J2ukdQEAlfDmeBkzCsQksjvihHCmKomAdyd2GfeBFBOYzcf35IrRr6DDtxkD9%2Fsk0PHhFcjaxSV51a5nV%2FAs08nx8JKCxwv%2BJdP1MY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 723a122f0f172919-ORD

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 127ms
47ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8770716
x-jsd-version: 2.5.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19178-FRA, cache-mdw17336-MDW
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEYEOa3vFlTJfbQWjPpFT2wndJfEhY72S94FcFt1eMqyfPo28lhd0yVcs0i5ZZsljmtnTaoia3SGQhdojhD7YpIj42MwuyEcCUjywXtv7mBu8zjh6el4rkOfLRZreaZ4gbco%2B4kbm3ehbXA3caQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 723a122f0f182919-ORD

GET
H2 200 vue-qrcode.min.js Show response
reurl.cc/javascripts/ 18 KB
7 KB 185ms
185ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 62a62225a4e6e5ea098b9ed6aa19c2149880cbd6d3e0314f2b875a32b1f8ce25

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-470c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 30 Jun 2023 21:42:18 GMT

GET
H2 200 main.js Show response
reurl.cc/javascripts/ 5 KB
1 KB 186ms
184ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/main.js?v=7
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 00fc5eede87ce2644e673193b3ffce854cad06f548d8a6057acce9c0dbef3b2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 04:36:28 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61a458cc-12bf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 30 Jun 2023 21:42:18 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 6 KB
7 KB 82ms
80ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 28
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:18 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: Jpg_bhdIoGf3PKVlwiZpLp4S7QiAYIEMcvKaGYJprYHpwCQo7Aw34g==

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 698 B
561 B 186ms
185ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 00:38:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62731c89-2ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 30 Jun 2023 21:42:18 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 618 B
588 B 186ms
185ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:18 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 12:16:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"623c6110-26a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 30 Jun 2023 21:42:18 GMT

GET
H2 200 rwd_cap.js Show response
cdn.holmesmind.com/js/ 41 KB
41 KB 855ms
737ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rwd_cap.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 003c6c7476d2158d18f48473e7071c87f48e8e1cf957343020a148c97ba30482

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: BN9WwPCNLHdSgIvzd1_opxGo9OZ3hU5f
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 02:02:46 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C3
etag: "8fdf120a4b0155367b0b2347946ccc01"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:20 GMT
accept-ranges: bytes
content-length: 41735
x-amz-cf-id: g_gw_HIk9jZz_KW3di2BC2ARsbVWgjoDZ1rd0fmviW_eOJZP1Cec0Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 158ms
46ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: V08IwZezGEry58e1Uc0FC4x5Blpftzx9+LHx7QvqJiExoS2+rpQKnALQC38WsW7lHUo0G2pxwrD8mHItgORSow==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Jun 2022 21:42:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 feeds Show response
storage.re-news.tw/ 5 KB
5 KB 276ms
196ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 07a4f1e16e855990e6dec42333590a646626e1caf234659c64a8ae9be945a61a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
via: 1.1 google
etag: W/"14c8-2cZ2XWMiCNP8GzFkIIMdhbpc9bQ"
x-powered-by: Express
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5320

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 139ms
40ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2752
date: Thu, 30 Jun 2022 20:56:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 22:56:27 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 0AF6 3 KB
3 KB 48ms
47ms Document
text/html 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdb7b46cae42cd81431bbd6892f43d4f84508bf5fb2bde0ae32bc577ce26d275

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 39
content-length: 3040
content-type: text/html
date: Thu, 30 Jun 2022 21:41:53 GMT
etag: "1127744b801151c03a119650091819d4"
last-modified: Thu, 30 Jun 2022 11:31:53 GMT
server: AmazonS3
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
x-amz-cf-id: sUD6G_eHAV9EmGucgo9XmfeuhoY966TL8bIEKA9ac4sTy-RtDmlvvw==
x-amz-cf-pop: EWR52-C3
x-amz-version-id: g5VVGnMBETOJxS05mTLHyDLw3VP4V67X
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1012 B 48ms
47ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 27
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:15 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 662
x-amz-cf-id: FTvxds7V0Assx4eWGB-ZloO5bV6oboSFnmFPX3D3SDDj_egL-Ro1-g==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 360E 6 KB
6 KB 48ms
47ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 39
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:16 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: xqudZNSLtQ0_EXCgpAIX_IOFIpNWHe6KoDrjhojtDtvNJSCqlqB5SA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame DC38 6 KB
6 KB 46ms
46ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 39
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:16 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: dLuMiKNvUY_PplIl2rmXzveX1PCIU1hhrDQ5syNCtIuUannB8u7Mkg==

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 731B 39 B
191 B 131ms
55ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 21:42:19 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 0AF6 4 KB
2 KB 600ms
196ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 30 Jun 2022 21:52:19 GMT

GET
H3

200

cm
c.holmesmind.com/ Frame 0AF6
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

70ms
41ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Thu, 30 Jun 2022 21:42:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 360E 536 B
625 B 534ms
403ms Script
text/html 2600:9000:202c:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13858
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: ge2Xsi2qU7q_5bkxwQAr4zZe25ugPtqU3RD-RWTj1Sl2KPDicOTPEw==
via: 1.1 f452d023faa737bf8fd4899df4e76a44.cloudfront.net (CloudFront)

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame DC38 606 B
640 B 515ms
396ms Script
text/html 2600:9000:202c:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13860
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: RsHpHKOeg2vVRpHnqXXueLTvYagsdeWusfLjTtLo6Z1GWSUgM7TtuA==
via: 1.1 f452d023faa737bf8fd4899df4e76a44.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 139ms
55ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1902698968&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1628180677&gjid=1390916228&cid=1674439292.1656625339&tid=UA-102456694-1&_gid=2128540723.1656625339&_r=1&_slc=1&z=849114739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 124ms
41ms Image
image/gif 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1902698968&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=MTA0LjIzNy4xOTMuMjg&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1674439292.1656625339&tid=UA-102456694-1&_gid=2128540723.1656625339&z=1077430070

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 14:41:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25274
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ 340 KB
120 KB 163ms
77ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

658dc7de923c49cdbe65e3be3df7821fbc3350c1ee8f3abc61d4b6f88e2798a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122496
x-xss-protection: 0
server: cafe
etag: 16292706846097297840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 21:42:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 15C1 10 KB
5 KB 139ms
40ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 25772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 14:32:47 GMT
etag: 10429905676100781186
expires: Thu, 14 Jul 2022 14:32:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2022-%E5%9C%8B%E5%85%A7%E5%A4%96%E4%B8%80%E8%88%AC%E6%B6%88%E8%B2%BB%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2021/12/ 52 KB
52 KB 154ms
80ms Image
image/webp 192.0.78.135
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2021/12/2022-%E5%9C%8B%E5%85%A7%E5%A4%96%E4%B8%80%E8%88%AC%E6%B6%88%E8%B2%BB%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8f61bd096e382919f3f024ce35ac5c0c7a15ba7d887ac413955282cfbc10ec36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
x-ac: 2.mdw _atomic_dca
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 53266
x-nc: HIT dfw 8
last-modified: Thu, 30 Jun 2022 21:04:03 GMT
server: nginx
etag: "cdc2b44bd205c087"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sun, 30 Jun 2024 09:04:03 GMT

GET
H2 200 1656485301-0af92fb13daf27978da0794a1bfca2fc-840x525.jpg
img.gbyhn.com.tw/2022/06/ 62 KB
63 KB 124ms
45ms Image
image/jpeg 2606:4700:3034::ac43:961f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.gbyhn.com.tw/2022/06/1656485301-0af92fb13daf27978da0794a1bfca2fc-840x525.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:961f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2910d5b194360204fbd991cd46dd0d5d7df9613b4b25d64606143939622f63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34047
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63475
last-modified: Wed, 29 Jun 2022 06:48:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmC0TF%2FaV3TJKmCq6OYMKGaw4NDbvFBb4poORoyszXs7shBKxZ1%2F3aKWP5ou%2BJukRfpuMkxbpbtcJbYLeAUV7DHmBVhU2ZwfmgRS2TwWYpkYqusqnIBxhwLfNLIBf%2BUqqUxaJTHaa3apRl1y89vR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 723a12326d1a2919-ORD
expires: Wed, 06 Jul 2022 06:55:20 GMT

GET
H2 200 2022063001451251.jpg
img.racingcharger.tw/wp-content/uploads/ 119 KB
120 KB 110ms
34ms Image
image/jpeg 2606:4700:3032::6815:43a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2022063001451251.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:43a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6542992076ca52d7e2ce0b31aa9064ceba4716695f0db1b73c0609026fc2aee9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Jun 2022 01:45:18 GMT
server: cloudflare
age: 22146
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq54Dj7usfC8nrxIbcfgmELOGtCESlf%2BewDAJlh0pEEPUufEhDGCqyyXNUdfEhTMDdT5w9FLRvNzbYf7p%2Bb9lJOgDSSBJbAsid2PfwVMc6Gg7qSxTPs3Ne4%2BrpB36DMG3lVYuvJ0jEdpElNLxI25B%2FvAwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 723a12326d146303-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122078

GET
H2 200 img_6074-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/05/ 27 KB
27 KB 88ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2022/05/img_6074-scaled.jpg?fit=1024%2C813&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5f190cdef5343e34b0903462d2e9c4d4005dbf5ecbff21f5b626c64b1da3c614

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT mdw 3
date: Thu, 30 Jun 2022 21:42:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Jun 2022 09:30:55 GMT
server: nginx
etag: "1a3b347b148baa63"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2022/05/img_6074-scaled.jpg>; rel="canonical"
content-length: 27250
expires: Wed, 26 Jun 2024 21:30:55 GMT

GET
H2 200 %E4%BF%A1%E8%B2%B8%E6%87%B6%E4%BA%BA%E5%8C%855.png
blog.alphaloan.co/wp-content/uploads/2022/06/ 179 KB
180 KB 152ms
79ms Image
image/png 192.0.78.236
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2022/06/%E4%BF%A1%E8%B2%B8%E6%87%B6%E4%BA%BA%E5%8C%855.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

aeb63af102f5c2c830253e989845a55307bf225c46e0e47bca4f8422b7750a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
x-ac: 2.mdw _atomic_dca
last-modified: Wed, 22 Jun 2022 06:39:00 GMT
server: nginx
etag: "62b2b904-2ccd4"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 183508
expires: Thu, 07 Jul 2022 21:42:19 GMT

GET
H2 200 file.png
static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/ 1 MB
1 MB 87ms
27ms Image
image/png 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 23:31:08 GMT
via: 1.1 google
server: openresty/1.19.9.1
age: 598271
etag: ""
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
content-length: 1235774
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wix-tracer: 2AzzBnyLAmr9ySOmrhQrc75ZWVu
x-seen-by: image-manipulator-5f566575f-m7rhm

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
435 B 136ms
46ms XHR
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=1674439292.1656625339&jid=1628180677&gjid=1390916228&_gid=2128540723.1656625339&_u=IEBAAEAAAAAAAC~&z=317102914

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Jun 2022 21:42:19 GMT
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 96ms
48ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14d81a1f56c3afc885c549790618c21255c9a8a5e7e9cad92eff138ec81297d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7102
x-xss-protection: 0
pragma: public
x-fb-debug: qqAb9r1aHgtXa/BGraJIDGv9+FExP8ijdQvgWYl3W4wrQbv6tHTJIyN+jH4bClI1wNBan5Z/AgcZ0r0iA8RMgw==
x-frame-options: DENY
date: Thu, 30 Jun 2022 21:42:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 158ms
59ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=1674439292.1656625339&jid=1628180677&_u=IEBAAEAAAAAAAC~&z=1499021618

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
694 B 168ms
56ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-1004948140419605&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

1ca6fb5674f43e64627225752deab53fb6fe0e13ea45997d07c6045d634003d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 166ms
62ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
68ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 75CB 603 B
68 B 152ms
66ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1004948140419605&output=html&adk=1812271804&adf=3025194257&lmt=1656625339&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656625339078&bpp=3&bdt=454&idt=301&shv=r20220629&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=274280369543&frm=20&pv=2&ga_vid=1674439292.1656625339&ga_sid=1656625339&ga_hid=1902698968&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067527%2C31062930&oid=2&pvsid=2352599408283853&tmod=313680082&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=322

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 21:42:19 GMT
expires: Thu, 30 Jun 2022 21:42:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 156ms
47ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&rl=&if=false&ts=1656625339471&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=28&fbp=fb.1.1656625339470.489429192&it=1656625339237&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 30 Jun 2022 21:42:19 GMT

GET
H/1.1 200
OK tagr_lib_learn_tw_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 188ms
42ms Script
application/javascript 104.117.59.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_tw_v3.js?tagid=V2_98222&id=ClickForce_Learn
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.117.59.235 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-59-235.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 21:42:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:38:37 GMT
Server: nginx
ETag: "57999a5d-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H/1.1 200
OK checkSegmentsNFI.min.js Show response
static-tagr.gd1.mookie1.com/s1/sas/lh1/ 1 KB
843 B 188ms
43ms Script
application/javascript 104.117.59.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.117.59.235 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-59-235.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 21:42:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2016 14:26:27 GMT
Server: nginx
ETag: "581b4913-428"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 552

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 1AEA 3 KB
3 KB 45ms
45ms Document
text/html 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdb7b46cae42cd81431bbd6892f43d4f84508bf5fb2bde0ae32bc577ce26d275

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 40
content-length: 3040
content-type: text/html
date: Thu, 30 Jun 2022 21:41:53 GMT
etag: "1127744b801151c03a119650091819d4"
last-modified: Thu, 30 Jun 2022 11:31:53 GMT
server: AmazonS3
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
x-amz-cf-id: dYeDYkFXhM3xZNF0BjMyRS0741iQEXv48s0IL7nFf3Kne6Cr9oAE1w==
x-amz-cf-pop: EWR52-C3
x-amz-version-id: g5VVGnMBETOJxS05mTLHyDLw3VP4V67X
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 1D77 6 KB
6 KB 55ms
53ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 40
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:16 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: 0jOsWqPSWO89rPTpRv32YP8gu5be2Rn4L0zOAWxOtOiq8oDXS6iefQ==

GET
H3 200 cm
c.holmesmind.com/ 0
15 B 883ms
882ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 90B5 15 KB
9 KB 153ms
138ms Document
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8684d7f55158ce26be099d38dbf7b5ccf37a302539f6576f553a761367cfa02c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 30 Jun 2022 21:42:19 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: HIZki9Dl/5pBbnCVzvNC+DXaSPGU19ZWscPe2jOG0FciD6T6beRC1YyLCNdrJDDgUPekbsQujVX/kpjUh6mKVA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame DC38 2 KB
1005 B 638ms
203ms Script
text/html 54.238.107.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=642&o=1&d=1&b=2&ts=1&ii=3&FPCK=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 174d52effbb0e93f569f126045b9063772c5d181cbc5687e64ed08eed1d34c77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:20 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame DC38 3 KB
3 KB 60ms
59ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 8
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: CUdM8GI5kVh5gw-D8LnXXjxZ7VVrJ3OZ57RtYWDZLYMmEAPC0agFOA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame DC38 3 KB
3 KB 60ms
59ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 32
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: KzzstE02m2ZjDpVapEBni7F1v3-Zh8CDG45fpH7MGWmidtsNTQLtpA==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 360E 2 KB
986 B 640ms
207ms Script
text/html 54.238.107.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=664&o=1&d=1&b=2&ts=1&ii=3&FPCK=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0cfb22f77a86f61bf46513447bf234eeeac5ba63603293c711a5bfff8ca0cde3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:20 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 360E 3 KB
3 KB 58ms
57ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 8
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: xCtItJUmJ5AdEvMArXW0IXcL2Rch7BhA2KNaxtiis2hyzDyXxIYkeg==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 0AF6 37 B
407 B 200ms
200ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4ad763a87c855ced8dd3906f992b2c55991f27b983a55418e6dece2b1b0fe715

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3 200 cm
c.holmesmind.com/ Frame 1AEA 0
15 B 854ms
853ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H3 200 cm.php Show response
fcm.holmesmind.com/ Frame F071 95 B
103 B 107ms
51ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 21:42:19 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1AEA 4 KB
2 KB 197ms
196ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 30 Jun 2022 21:52:19 GMT

GET
H2

200

google
m.holmesmind.com/ml/ Frame 1AEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1

0
475 B

284ms
197ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
x-guploader-uploadid: ADPycdsfqJp3Aw_aKghyEZNa-OYELEbTcrCZGeSB7ghPqOWbihWBUNNqVJEdN7Wgc5QnsfmBxNAa_18Ca3dYHBNbgxWKWw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Thu, 30 Jun 2022 22:42:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 1D77 731 B
680 B 405ms
404ms Script
text/html 2600:9000:202c:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12684
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c459ca0a26510a1a84a8fae1a943563c00834327312f399d5c47f7cddc1d7ebe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: _7tkFsKTXQPVyjBEYGj_UbKj2jZPWoYsriYFUxXmePuETvin1humKQ==
via: 1.1 f452d023faa737bf8fd4899df4e76a44.cloudfront.net (CloudFront)

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame DC38
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

2 B
19 B

310ms
259ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 30 Jun 2022 21:42:20 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame DC38 0
170 B 670ms
221ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 360E 0
170 B 669ms
222ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 0-jKBnEADX1.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 90B5 18 KB
5 KB 144ms
48ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/0-jKBnEADX1.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d85f1b469075f92f46deb83d62869a35c9f166c9345ed367c17ef9408f9bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DAvjofSf0mhAWtrikS49Ew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4669
x-fb-rlafr: 0
x-fb-debug: zYNnxmzTkpOCgdN/Sdd2bG+qQCchgWUJ3QOrvs25tKC6QRujqKOMMnCI+LIlvybfko0cg4eds+wT5pVMjeiiJQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 30 Jun 2023 14:33:32 GMT

GET
H2 200 learn
tw-gmtdmp.mookie1.com/t/v2/ 43 B
641 B 330ms
188ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tw-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_98222&src.domain=reurl.cc&src.url=%252Fmain%252Fen&src.id=ClickForce_Learn&src.rand=3219084446
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:19 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 0
662 B 132ms
43ms Script
text/html 68.67.179.135
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=9747468586

Requested by

Host: static-tagr.gd1.mookie1.com
URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 21:42:19 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 52abaeac-646a-44e6-84d2-195e46775542
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 9A1A 0
82 B 308ms
195ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&CFFPCKUUID=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 21:42:20 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame DC38 4 KB
2 KB 196ms
196ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 30 Jun 2022 21:52:19 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 0ABF 0
249 B 304ms
194ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&CFFPCKUUID=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 21:42:20 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 360E 4 KB
2 KB 196ms
196ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 30 Jun 2022 21:52:19 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 0AF6 30 B
278 B 203ms
203ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1AEA 36 B
406 B 205ms
205ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4a75843ec2e00b2e307f31de4e6300e3ebb63e77e04139692eccc899ef6569d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame DC38 36 B
399 B 199ms
198ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4a75843ec2e00b2e307f31de4e6300e3ebb63e77e04139692eccc899ef6569d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 360E 36 B
399 B 201ms
201ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4a75843ec2e00b2e307f31de4e6300e3ebb63e77e04139692eccc899ef6569d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 1AEA 30 B
278 B 200ms
200ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame DC38 30 B
271 B 200ms
200ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 360E 30 B
271 B 200ms
200ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame DC38 10 KB
10 KB 53ms
53ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=642&o=1&d=1&b=2&ts=1&ii=3&FPCK=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 22
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:18 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: TH71Km6n36v5aXuD_p0Ke2EaLbtseXxYJEm0WGusu3tFGZ52JDWiZA==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 360E 10 KB
10 KB 54ms
54ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=664&o=1&d=1&b=2&ts=1&ii=3&FPCK=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 22
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:18 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: GfQoz7gtemoZglY9Y94VsvRsekxJqtjFr2HI9zat2XzODKXBcE3zgg==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 1AEA 0
194 B 203ms
202ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&mp=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/ Frame 1AEA 0
80 B 1044ms
195ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/pixel?bd=28d36932-5c75-4e23-b5d4-239bab842394&t=cf

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame DC38 0
187 B 203ms
202ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&mp=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/ Frame DC38 0
79 B 871ms
196ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/pixel?bd=28d36932-5c75-4e23-b5d4-239bab842394&t=50ef57

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/ Frame 360E 0
79 B 870ms
197ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/pixel?bd=28d36932-5c75-4e23-b5d4-239bab842394&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 360E 0
187 B 199ms
199ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&mp=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame B2C8 6 KB
7 KB 47ms
46ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 30
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:18 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: w_k-oLRhnFuaQz2UFPbBDdBtAVeUBBdf-AYCa6JmW4eajanOqBqL6Q==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 55E9 6 KB
7 KB 47ms
46ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 30
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:18 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: iJF3dFTQiFr-BnjKv5Q2kZaBjHA-SzradhBknSKhNzLro7BkbpGLaw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame EDC1 3 KB
3 KB 47ms
46ms Document
text/html 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdb7b46cae42cd81431bbd6892f43d4f84508bf5fb2bde0ae32bc577ce26d275

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 41
content-length: 3040
content-type: text/html
date: Thu, 30 Jun 2022 21:41:53 GMT
etag: "1127744b801151c03a119650091819d4"
last-modified: Thu, 30 Jun 2022 11:31:53 GMT
server: AmazonS3
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
x-amz-cf-id: zBZxzRnpiNV1Mo5LVlvw6E5H-ODO2-97t1zEE-dp9hoOUbRQMJvgOQ==
x-amz-cf-pop: EWR52-C3
x-amz-version-id: g5VVGnMBETOJxS05mTLHyDLw3VP4V67X
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame B2C8 662 B
1004 B 50ms
47ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 29
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:15 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 662
x-amz-cf-id: Emlc5AHoaDbqMlFVlovhDQ05CGQ5uvwBrASCBlc714_bB3GD32KlLw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame E64A 6 KB
6 KB 47ms
47ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 41
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:16 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: pNDMsuSRB6eGqjABZ_2xYf6kiYET1ZnsuOfKfcFQjEVyd5fBUz2hmg==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame A9A1 3 KB
3 KB 48ms
48ms Document
text/html 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdb7b46cae42cd81431bbd6892f43d4f84508bf5fb2bde0ae32bc577ce26d275

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 42
content-length: 3040
content-type: text/html
date: Thu, 30 Jun 2022 21:41:53 GMT
etag: "1127744b801151c03a119650091819d4"
last-modified: Thu, 30 Jun 2022 11:31:53 GMT
server: AmazonS3
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
x-amz-cf-id: K-W5L9Q8ztvPjLFTmipLblWiZrwHnBCi5PZVqnUSyRIqeYOIsz5SLg==
x-amz-cf-pop: EWR52-C3
x-amz-version-id: g5VVGnMBETOJxS05mTLHyDLw3VP4V67X
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 55E9 662 B
1003 B 47ms
46ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 30
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:15 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 662
x-amz-cf-id: Hhpwmh29Mf0YgISJhD60s0B_VdPcur3sLsRjSDu0v_eD92_gR3wSBQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 2DFB 6 KB
6 KB 48ms
48ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 42
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:16 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: fw4LqMsPBuv880iMl7Up9_0IIuRd36O9uFdKB5jSHNohshbZK-92ig==

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame EDC1 4 KB
2 KB 198ms
195ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 30 Jun 2022 21:52:21 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame EDC1 0
13 B 44ms
41ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H3

200

google
m.holmesmind.com/ml/ Frame EDC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1

0
23 B

655ms
602ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
x-guploader-uploadid: ADPycdsvc3f1oqp4sn8YwCj3ca8OjPbKSDKebne99LilDlh4plUrLO1wofQE4jZV1xiP-APbEEMTcwM-Zl1W_VqbTF8
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Thu, 30 Jun 2022 22:42:21 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame E64A 1 KB
747 B 400ms
399ms Script
text/html 2600:9000:202c:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13861
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 260a38fd6cc5ef58002f66b9a6efcd915c7a2035a626948e5003e5ddf727d9c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: QKQxPOuNcjDwMDqnpauqJpe6j_QuePpCwfwm-1BoVBb99oSfoFWY7g==
via: 1.1 f452d023faa737bf8fd4899df4e76a44.cloudfront.net (CloudFront)

GET
H3 200 cm
c.holmesmind.com/ Frame A9A1 0
13 B 42ms
41ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame A9A1 4 KB
2 KB 198ms
196ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 30 Jun 2022 21:52:21 GMT

GET
H3

200

google
m.holmesmind.com/ml/ Frame A9A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1

0
23 B

656ms
604ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
x-guploader-uploadid: ADPycdvlidNxiAmOpXWonEF2arIMsoBQ8CBzu9ULxWFv99-gGKusThardLN1qkd90Aae9H7X1j_wyEgf5IpmSbLeTW1LQA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Thu, 30 Jun 2022 22:42:21 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&uu_m=undefined&google_gid=CAESELzbBlke-8c9PFHKRuf9kNw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 2DFB 1 KB
742 B 234ms
233ms Script
text/html 2600:9000:202c:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13859
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 02a11d118de5f3d9a7fda77638a07a33218aa18e1888cc0376889be1fdd8595e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: kGHnlbLjCE3JSiD2qogloQPpxlddMkfb93-ZLG0yekLvFYDvBqiHRA==
via: 1.1 f452d023faa737bf8fd4899df4e76a44.cloudfront.net (CloudFront)

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame EDC1 36 B
406 B 199ms
198ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4a75843ec2e00b2e307f31de4e6300e3ebb63e77e04139692eccc899ef6569d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame A9A1 36 B
406 B 199ms
199ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4a75843ec2e00b2e307f31de4e6300e3ebb63e77e04139692eccc899ef6569d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 2DFB 2 KB
1 KB 215ms
212ms Script
text/html 54.238.107.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=356&o=1&d=1&b=2&ts=1&ii=2&FPCK=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69ac378c92e73fd9f95ce5d8100304fd424362d2079d2d7898f0ef0c3ac125f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 2DFB 3 KB
3 KB 48ms
45ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 10
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: ft3w0DiQV7AbanPICyYur2cTI138TE2utBAe4cBWVDKBWk70q20-mw==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 2DFB 119 KB
39 KB 141ms
43ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Jul 2022 21:42:21 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 2DFB 2 KB
3 KB 51ms
49ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 34
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: OpkZIUK7Q4b7OxuVGKpHtEmCgdrODF-B--YtcCuYQ8kaZEoECj3FVQ==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 2DFB 4 KB
5 KB 60ms
58ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 20
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:21 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: fjDkx_YXkzkNx8mitlTRgi4RYuVr5NAKSH0gDm9crqk-2zR2roBBRQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 2DFB 3 KB
3 KB 49ms
47ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 34
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: -Vl8w8q0pGzyRyBHyEkWCe60UZHvyPzL9A4SBKfs66Z7yv6rfxtoWA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 2DFB 3 KB
3 KB 50ms
49ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
age: 20
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: Tg0b8RH5bnbXVrvmy8eVbow_pV6LziHQTh79By3O0pg8iJaDOzQLyg==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2DFB 0
170 B 227ms
223ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2DFB
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

2 B
19 B

260ms
257ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2DFB
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

2 B
19 B

263ms
258ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 2DFB 0
159 B 679ms
223ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.012869628045054204
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame EDC1 30 B
278 B 200ms
200ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame E64A 2 KB
1 KB 209ms
207ms Script
text/html 54.238.107.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=7&o=1&d=1&b=2&ts=1&ii=2&FPCK=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c0b16f948f2728e2e2a8fdd00aa04588b4ab6ca379da02e9bd9701908e2f543e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame E64A 3 KB
3 KB 48ms
45ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 10
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: QytgsEvsS_hGy9TBsvUpRfXu1MY19uAj0jmEee7PhLvA6EVdfsMImA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame E64A 119 KB
39 KB 50ms
48ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Jul 2022 21:42:21 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame E64A 2 KB
3 KB 49ms
47ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 34
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: MPaaZ4nBPXBAQfPP4bbZbCm3SV_y6M2FJebx0xegFFqvPY8lEaC-qA==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame E64A 4 KB
5 KB 51ms
50ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 20
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:21 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: 6hV_okjePdQCU6ET8RUFVlUAn7He_sZACHKxMI4WfGUcqQpRyX-yBA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame E64A 3 KB
3 KB 52ms
51ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 34
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: Y5FVGz1ujWzEDs2ZOF4Jjv8d-NAFwueS8dkMWrY-FjO7ipR8TtNT7g==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame E64A 3 KB
3 KB 53ms
52ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
age: 20
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:17 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: o1GCo2mLrBRYno8dPQ25C_Ud5ik0Gsxjvg0R6MmdXmTYEJ00hNVXfg==

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame A9A1 30 B
278 B 200ms
200ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 2DFB 0
210 B 152ms
49ms XHR
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=66981107509

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 30 Jun 2022 21:42:20 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame 5A01 0
37 B 217ms
189ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&CFFPCKUUID=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 2DFB 4 KB
2 KB 198ms
196ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 30 Jun 2022 21:52:21 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame E64A 0
170 B 222ms
221ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame E64A 2 KB
1 KB 532ms
224ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8305525857185314
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7f46e8dbcf34af695c2eb803b2aac9e384b83111e203816bffd9b6a9880a8804

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true
content-length: 1342

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame E64A
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

2 B
19 B

261ms
261ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame E64A
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

2 B
19 B

262ms
262ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame E64A
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg

2 B
19 B

617ms
617ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=t63Dvz-GAd-YnmCivBi-Yg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 2DFB 10 KB
10 KB 48ms
48ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=356&o=1&d=1&b=2&ts=1&ii=2&FPCK=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 23
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:18 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: ZWdJtYONcAXcbq_Suim2wVPnuiL9nPqJ6fPe4_JuPoF_x2cq4DSxAQ==

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame E64A 177 B
426 B 112ms
50ms XHR
application/json 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=7505221842

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b959038d7366d023b60b04d1d8a2d721f983f16ae6019fedad7a2cd6aca0d1b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 164

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 55E9 0
214 B 735ms
322ms Image
text/html 13.112.127.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO%26SID%3D45917%26Tags%3D2005%2C2004%2C2003
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.127.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-127-33.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 55E9 0
214 B 732ms
320ms Image
text/html 13.112.127.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.127.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-127-33.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame 2F1A 0
37 B 193ms
193ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&CFFPCKUUID=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame E64A 4 KB
2 KB 199ms
197ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Thu, 30 Jun 2022 21:52:21 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 2DFB 0
209 B 52ms
47ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 2DFB 43 B
365 B 49ms
44ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 25 Jun 2023 21:42:21 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 2DFB 43 B
365 B 47ms
43ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 25 Jun 2023 21:42:21 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame E64A 0
209 B 52ms
49ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame E64A 10 KB
10 KB 53ms
50ms Script
application/javascript 2600:9000:2162:e000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=7&o=1&d=1&b=2&ts=1&ii=2&FPCK=1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 23
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 30 Jun 2022 21:42:18 GMT
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 0vwDmW7fRk7vc-XRbOxVhTn4s36o34gpEQ5wAB0LBBTXpB-TdJdl5w==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 2DFB 36 B
399 B 207ms
198ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4a75843ec2e00b2e307f31de4e6300e3ebb63e77e04139692eccc899ef6569d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame B2C8 0
215 B 579ms
319ms Image
text/html 13.112.127.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO%26SID%3D45917%26Tags%3D2005%2C2004%2C2003
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.127.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-127-33.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame B2C8 0
214 B 588ms
329ms Image
text/html 13.112.127.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.127.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-127-33.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame EDC1 0
194 B 200ms
199ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&mp=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/ Frame EDC1 0
79 B 196ms
196ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/pixel?bd=28d36932-5c75-4e23-b5d4-239bab842394&t=cf

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/ Frame A9A1 0
79 B 196ms
196ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/pixel?bd=28d36932-5c75-4e23-b5d4-239bab842394&t=cf

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame A9A1 0
194 B 199ms
199ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO&mp=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 1B21
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

42 KB
43 KB

105ms
38ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6613
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43274
last-modified: Thu, 10 Feb 2022 09:21:22 GMT
server: cloudflare
etag: "6204d912-a90a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4e7t9e96oa8VGkrpzos9gxddBi8JTha1icsBEYsECYT9ZVU%2B2af40OeIbWHqIGNod5oAy2e9krWZ6Gxrxf79ViI8a41PXHMXHmOQOA74w9GmIwna5L5GbKDYgyLkXk5HhS3X6YU1cFf2S6MHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 723a12464bf286f6-ORD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 2DFB 0
187 B 200ms
198ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&mp=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/ Frame 2DFB 0
79 B 196ms
195ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/pixel?bd=28d36932-5c75-4e23-b5d4-239bab842394&t=50ef57

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 150ms
67ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e7a23f230ea7e2e860827f14aefd6568d4bb095df7b4db9af494b90c45fde76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10693
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5225 15 KB
6 KB 128ms
42ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 21:42:21 GMT
server-processing-duration-in-ticks: 2268
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

rec.js Show response
img.scupio.com/js/ Frame 265A
Redirect Chain

https://rec.scupio.com/recweb/js/rec.js
https://img.scupio.com/js/rec.js

21 KB
8 KB

191ms
56ms

Script
application/javascript

143.204.146.9

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/rec.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Server: 143.204.146.9 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 09533e9658b31fcb79764178f8e7e9df7e1c36a7dc7bd22b5fa87e2da89a56d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 03:30:07 GMT
server: nginx/1.12.1
age: 36
etag: W/"6182023f-5429"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f0f871e82b1bc21a8b78c1d73717a40a.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: XlIqYZZBh2IXRPe_H1ivZyXCNHQ8uRSADMJZau2Nc43YXUQJXNAJMA==
expires: Fri, 01 Jul 2022 00:41:47 GMT

Redirect headers

Location: https://img.scupio.com/js/rec.js
Date: Thu, 30 Jun 2022 21:42:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 155
Content-Type: text/html; charset=UTF-8

GET
H2 200 pixel
28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/ Frame E64A 0
79 B 196ms
195ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net/pixel?bd=28d36932-5c75-4e23-b5d4-239bab842394&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame E64A 0
187 B 200ms
199ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV&mp=28d36932-5c75-4e23-b5d4-239bab842394

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5225
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=HLIupnxJWWdlS0U0M3RvMFp3clJHajBNUnkvbzU2cjdwTlk0b1M1czZ1ck1CemsvWWZMZEpoeWNBWGNZODJtdTVwM1IvR1NzMnlvemdJNjJOZnJlbVhCODBobHBLSHdTQUNlTHJBb3F2SldDbEt2VzBDcFI1NTBJSTU1Tz...

444 B
638 B

157ms
50ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=HLIupnxJWWdlS0U0M3RvMFp3clJHajBNUnkvbzU2cjdwTlk0b1M1czZ1ck1CemsvWWZMZEpoeWNBWGNZODJtdTVwM1IvR1NzMnlvemdJNjJOZnJlbVhCODBobHBLSHdTQUNlTHJBb3F2SldDbEt2VzBDcFI1NTBJSTU1TzkybUVQUUJFaXlFaHN1QS9RTFJGTW4zYUxBMzlhRjZrcG54SVJ5QVJHcjFJMTdjVGZZRGlnSDNCRnptc3ZuWGN1L2N5ZzZ2eUQ1VnJZQ250RHZ0ZlBZZEZ6TEl0WlRBOFZXNmJNRmZ3dkZodWkrYU16Mmc0TUtXSXkvcVZMQjBOQVVDNWtmaWxMRkpUOGpqK3VDY2dOcW1KUHZueVJMdz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

39b79bc57fee651ab0cb7967043adea8ee929c57e88dc8608c940b1480479775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5064
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:21 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=HLIupnxJWWdlS0U0M3RvMFp3clJHajBNUnkvbzU2cjdwTlk0b1M1czZ1ck1CemsvWWZMZEpoeWNBWGNZODJtdTVwM1IvR1NzMnlvemdJNjJOZnJlbVhCODBobHBLSHdTQUNlTHJBb3F2SldDbEt2VzBDcFI1NTBJSTU1TzkybUVQUUJFaXlFaHN1QS9RTFJGTW4zYUxBMzlhRjZrcG54SVJ5QVJHcjFJMTdjVGZZRGlnSDNCRnptc3ZuWGN1L2N5ZzZ2eUQ1VnJZQ250RHZ0ZlBZZEZ6TEl0WlRBOFZXNmJNRmZ3dkZodWkrYU16Mmc0TUtXSXkvcVZMQjBOQVVDNWtmaWxMRkpUOGpqK3VDY2dOcW1KUHZueVJMdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1511
content-length: 541
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 156ms
56ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 21:42:22 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 1B21 975 B
886 B 77ms
44ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5658
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXE0tQIfkQNdZQfdjM1PLOi9usfHM0y6%2F%2FsdSFjIR59cU0Bsebi%2BjjUNU7AAYmGiJqSgFUIM4GoBcDehkcjC1BThkKE%2BN83OL3PyO8PQoS8e%2B0W3I24%2BqK3bv8nN5VAL6tjbof%2BAiFdfGVU57g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 723a1246b84d2bd4-ORD
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 1B21 46 B
486 B 202ms
51ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Norfolk, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2d75df67f303e2bf6559edab0d806681aeb9cb8ff2f38dd1fd9b6726189291b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 21:42:22 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 1B21 554 B
1 KB 180ms
92ms XHR
text/html 199.115.117.82
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fmain%2Fen&adid=ad-E2B64EDA2E2EEE771779EE992A288D72&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.22979712130344998&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: a93f716cf27b006ca9b1cf4379be09a005335f365b3295659a07733c6c2127e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 21:42:22 GMT
X-Width: 300
X-Height: 250
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource: PSA
X-Adtype: html
Connection: close
Access-Control-Allow-Credentials: true
Content-Length: 554
X-AdStyle: banner

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE07 13 KB
5 KB 128ms
41ms Document
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 154345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 02:49:57 GMT
expires: Thu, 29 Jun 2023 02:49:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CFB0 783 B
533 B 148ms
61ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84faa0382ce8a481c78c9be4a6aff3d5ad24fd1e9e13fa8209705ed599daf0ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8i-EY5Xde2grxEIr5weHCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-8i-EY5Xde2grxEIr5weHCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 21:42:22 GMT
expires: Thu, 30 Jun 2022 21:42:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FBC7 15 KB
6 KB 47ms
47ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 21:42:21 GMT
server-processing-duration-in-ticks: 4533
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DF42 116 KB
39 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3d40e2585c8690067b86558f4e4c103f3e9cd2375b64ba54ee483086f88e6ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39834
x-xss-protection: 0
server: cafe
etag: 12651519038215640883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 21:42:22 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 5616 714 B
839 B 35ms
34ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 6090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 723a1247da8a2bd4-ORD
content-encoding: br
content-type: text/html
date: Thu, 30 Jun 2022 21:42:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr%2F56uEvcTAw1QZqK39iiQSGFc%2F227IVCUCO7c6toLoxoDydfqEGt3Ji3BHw%2FgoD3I6bJO0MxzKcML3UDmOc7bwUVJYINet4vdXDm9FKw9F9zlW2SHxsWK7Q76BsZ43cWhW2GwjcF907xqZqHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 1B21 35 B
384 B 154ms
55ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Norfolk, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 21:42:22 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2

200

sid Show response
mug.criteo.com/ Frame FBC7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=TQ8ayV9oUEpRamZ1VGNvY3JjTWhrWk8zV3p2UXdOcXVqdSUyRkclMkJuTEclMkZRWlNUbXN3eU16JTJCeG...
https://mug.criteo.com/sid?cpp=411d-3x3MWJaWUE3S3ZTdFRwSDJkZjg5ZU1rT3A5YVFyNWl6UnlncC9VMzVMQmg4bmJHWTNHS0dLdWEyNFNLY0d5Q0hwZUR2YkNWVzMraDI5blhtSWxGOVhaR2hUUmpxRTQvOEZpa3VDTkhuZDdBdWI1a3p5NHhkQkpVVX...

417 B
630 B

50ms
49ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=411d-3x3MWJaWUE3S3ZTdFRwSDJkZjg5ZU1rT3A5YVFyNWl6UnlncC9VMzVMQmg4bmJHWTNHS0dLdWEyNFNLY0d5Q0hwZUR2YkNWVzMraDI5blhtSWxGOVhaR2hUUmpxRTQvOEZpa3VDTkhuZDdBdWI1a3p5NHhkQkpVVXlzZW5sVklqZGJRendQSGNWVU9kV1F3cHJFK3ZLQWVQSjgzUDZIRXJKMXhWOWJxbTBqU1VjYkNyWG1zVWEzTWFBeTZ1NnZpRSsxS3R2b2lOdEt5a2FucWtISDRsaW5BQXVGM1ZNT0JtcFg2OG00eWgrVDVrT1hHTHZ0dEJMOTk3aU8wYktYZEEzZWZHTE8xdjNwMHlkWGVkUUVhbUd4dz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

be2ac168a90e5b9537ae6158829bf0e0fbd819775147d618c47682c19944c829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:21 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4654
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:22 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=411d-3x3MWJaWUE3S3ZTdFRwSDJkZjg5ZU1rT3A5YVFyNWl6UnlncC9VMzVMQmg4bmJHWTNHS0dLdWEyNFNLY0d5Q0hwZUR2YkNWVzMraDI5blhtSWxGOVhaR2hUUmpxRTQvOEZpa3VDTkhuZDdBdWI1a3p5NHhkQkpVVXlzZW5sVklqZGJRendQSGNWVU9kV1F3cHJFK3ZLQWVQSjgzUDZIRXJKMXhWOWJxbTBqU1VjYkNyWG1zVWEzTWFBeTZ1NnZpRSsxS3R2b2lOdEt5a2FucWtISDRsaW5BQXVGM1ZNT0JtcFg2OG00eWgrVDVrT1hHTHZ0dEJMOTk3aU8wYktYZEEzZWZHTE8xdjNwMHlkWGVkUUVhbUd4dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2063
content-length: 541
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5616 81 KB
28 KB 166ms
64ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

sffe /

Resource Hash

0277aa0cf7602f1c646402b09b87e83941c7c65efbf3b7ba93a2eb6423688289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28098
x-xss-protection: 0
server: sffe
etag: "1260 / 967 of 1000 / last-modified: 1656587214"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Jun 2022 21:42:22 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame FE07 36 KB
14 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:22:50 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ Frame DF42 340 KB
120 KB 96ms
95ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

658dc7de923c49cdbe65e3be3df7821fbc3350c1ee8f3abc61d4b6f88e2798a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122496
x-xss-protection: 0
server: cafe
etag: 16292706846097297840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 21:42:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CFB0 0
0 81ms
81ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=2352599408283853&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 tp
ad.holmesmind.com/adserver/ Frame B2C8 0
77 B 186ms
186ms Image
image/png 54.238.107.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/tp?tpid=300x250&tp=bridgewell&c=0.014364&p=e94605de818c1303cb5e74117a517c08-13861&t=1656625341
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE07 0
9 B 42ms
42ms Image
text/plain 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JjjbKA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DF42 12 B
53 B 139ms
56ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Ddc01047ff7d83bfa-224fd8c042d30022%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZQyFBKr277imZ91sPCH8xcQoK-UQ&gpic=UID%3D0000063a4617efb8%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZdCwRSXLq7Q7Ddrnjb6yx_Nuz7kA&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DF42 107 B
122 B 146ms
62ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7038 17 KB
9 KB 507ms
507ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242779&pi=t.ma~as.2784%2F13802&w=300&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656625342748&bpp=17&bdt=271&idt=175&shv=r20220629&mjsv=m202206270101&ptt=5&saldr=sa&cookie=ID%3Ddc01047ff7d83bfa-224fd8c042d30022%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZQyFBKr277imZ91sPCH8xcQoK-UQ&gpic=UID%3D0000063a4617efb8%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZdCwRSXLq7Q7Ddrnjb6yx_Nuz7kA&correlator=274280369543&frm=23&ife=1&pv=2&ga_vid=1674439292.1656625339&ga_sid=1656625343&ga_hid=1975221430&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=319788758&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44766558%2C42531605%2C42531607&oid=2&pvsid=559565331182305&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9dywiak6eq07&fsb=1&dtd=187

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeb34c4fe0c4ac40366c43bbc38ab9c1186d7f842eb5976c71aa7605e6ed9813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9477
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 21:42:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022062701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5616 373 KB
127 KB 126ms
41ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

sffe /

Resource Hash

01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 11:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130259
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:39:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Jun 2023 11:16:41 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5616 107 B
122 B 62ms
62ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5616 307 B
157 B 95ms
95ms XHR
text/plain 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3748211639333242&correlator=378601661565689&eid=31068158%2C44768339%2C42531608&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1656625343207&lmt=1644386353&dlt=1656625342720&idt=463&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=kwqvpxouzbw7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=511549883.1656625343&ga_sid=1656625343&ga_hid=1465723562&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

daf2f71db1f1c47bab32b68948278c22a0a72d3e72a4d414fcf7afb59bf22434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f25fe1c71078ecfa622f900009c1dbd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E643 6 KB
4 KB 167ms
57ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f25fe1c71078ecfa622f900009c1dbd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 21:42:23 GMT
expires: Fri, 30 Jun 2023 21:42:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=2352599408283853&bg=!_f6l_rrNAAaLlKKnq5Q7ACkAdvg8WvKcOPPTAalsOM3FQpoJvkXaVC6jI-tuf2iucEvo10G3xVmH1AIAAABTUgAAAAJoAQcKAAeJ7qUlkwrPmQKdqzM7aBaBjizVUDc3tJeL3Xw0nkJYeseOZEgH0mb2XqZkpMZjPuB3SYoB6M2NQZNRKofxGAOYlkZbJQ9pZJ_OVGvsgqBOc4B6fIkJK03ZLUIrJEmUKgOdTgSOWk_r_oDcp8Ic95nQjZT1LNlVbV04lZoF-JlODmCLlW_ztQTbNQDgxeCmtywLUm0iAijYpsC6WYc6xXCjOmU3CnwwMuZurttp7NdNZyH0etNvgL7I5OHamvnfp5LrlWf5cyZiKuUzfgzCNRJ0TYBZLsRYqFK8GbjA0R_wCbD2vlTYxo-iP0sPDlCCMIDpj-89MEL-wzx1VL372JtFxSnPOGzcH6HSvxQebu_wt1Z5QYDkO9ExWg4Ac92FDG7-xeXfH1HicwgYf5CZQkrno1WHeZJAqLg0fWu2_-m-oXN0dkkud3vQEiLImfjohhqARFwZCRa7Rm89N0bBAHKNSJtRT8G50g5PmVNxO9J683Gd_36yjAUd47eL8gXrbwnv-gis9rr3TNQjdXspnarce5ZOAd1QVv2cFnuiwvYFMDfhhpESOBhulz5shBur_9A1tfhRZbrqiTGEnLSjGIEeUCW92legAuBXollbsuXmipd6zkxzi7bEXmyKPeyNLHDHz6s-AYRRNZV7qeCT9d-KykyoEuaoPwmLKjlL4Ykq3UXwAEVl2ET8J2Gi7lsjidRXGxcV1o0Dn0Tc8KAkvKKbKlWBPCfNbbCyiwe8OwFaNlUo6CV_Qkvcheu-vBmAskHF8EvbwpwVTSKuUDz_rktjDLyWoUuw1sUs_6Tp0CRQ1UqTc4qrPpZJTbeDFD7SaNphavDjKscb5B1lotxT7I3xDQAri9Hs0BZxZVmp8O1YWckNb-CYVgyVn13aIh9wQQMdI_tQD3Yt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5616 14 KB
10 KB 64ms
64ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022062701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d5bd8192b0b2f87984fc56393fda3c03a333c39a8a68ee431d150281395f7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10537
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7038 42 B
63 B 70ms
68ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BUSJ38_4XSRQBuhS2gZ5tUVh7ppMRzp4UnC9jsk72nZtILaE2uLHGywlAtCh43q7uw539LoYjPoVijX_7Z4MbMiGOMJmQRydkP2Zt8yIixGcwIqIw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242779&pi=t.ma~as.2784%2F13802&w=300&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656625342748&bpp=17&bdt=271&idt=175&shv=r20220629&mjsv=m202206270101&ptt=5&saldr=sa&cookie=ID%3Ddc01047ff7d83bfa-224fd8c042d30022%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZQyFBKr277imZ91sPCH8xcQoK-UQ&gpic=UID%3D0000063a4617efb8%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZdCwRSXLq7Q7Ddrnjb6yx_Nuz7kA&correlator=274280369543&frm=23&ife=1&pv=2&ga_vid=1674439292.1656625339&ga_sid=1656625343&ga_hid=1975221430&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=319788758&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44766558%2C42531605%2C42531607&oid=2&pvsid=559565331182305&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9dywiak6eq07&fsb=1&dtd=187

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7038 3 KB
1 KB 43ms
41ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 21:31:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7038 138 KB
43 KB 336ms
79ms Script
text/javascript 2607:f8b0:4006:80d::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 21:42:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7038 17 KB
7 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 21:25:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7038 0
0 59ms
58ms Image
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_0ha46mOE4nO83b_tP2nxEV3pDgsMaWFT2CuHZS_nHwYsgQu5zoEgfQOdgP5AFf3JDDp5T9KhS785CJgeAL9XkegWEQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242779&pi=t.ma~as.2784%2F13802&w=300&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656625342748&bpp=17&bdt=271&idt=175&shv=r20220629&mjsv=m202206270101&ptt=5&saldr=sa&cookie=ID%3Ddc01047ff7d83bfa-224fd8c042d30022%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZQyFBKr277imZ91sPCH8xcQoK-UQ&gpic=UID%3D0000063a4617efb8%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZdCwRSXLq7Q7Ddrnjb6yx_Nuz7kA&correlator=274280369543&frm=23&ife=1&pv=2&ga_vid=1674439292.1656625339&ga_sid=1656625343&ga_hid=1975221430&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=319788758&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44766558%2C42531605%2C42531607&oid=2&pvsid=559565331182305&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9dywiak6eq07&fsb=1&dtd=187
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5616 17 KB
6 KB 57ms
56ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 21:42:23 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1EEC 624 B
297 B 61ms
61ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCqpPCiAxi6kKnJATAB&v=APEucNXMp7L7JMGYMCJvnUtKyy6fkaVOZMfXw4huFbaJNE4tc9aZcI673vEl4PuvjRvkaYvB32Xl1lrSdICQdGosC70Zzq4uJg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242779&pi=t.ma~as.2784%2F13802&w=300&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656625342748&bpp=17&bdt=271&idt=175&shv=r20220629&mjsv=m202206270101&ptt=5&saldr=sa&cookie=ID%3Ddc01047ff7d83bfa-224fd8c042d30022%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZQyFBKr277imZ91sPCH8xcQoK-UQ&gpic=UID%3D0000063a4617efb8%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZdCwRSXLq7Q7Ddrnjb6yx_Nuz7kA&correlator=274280369543&frm=23&ife=1&pv=2&ga_vid=1674439292.1656625339&ga_sid=1656625343&ga_hid=1975221430&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=319788758&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44766558%2C42531605%2C42531607&oid=2&pvsid=559565331182305&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9dywiak6eq07&fsb=1&dtd=187
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 21:42:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7038 77 KB
32 KB 98ms
97ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4njlaiqeaUq_xzGnbMR4ZS8tfBp_OTYvgyhqAgH_nAPxhdvNi3W__iLCdiGwhHQCqy2t-2t2NEqiKw2yEU0S4Bw-ELC5HhP3gchcuF88-4sUcVElqS4L3kmL9a1WuI2DdSR0_5YtiI-d9_GJBtcFme20f1g&dbm_d=AKAmf-B3mSGb-PzyxaJfR-4LlYHfFxRrmqD14FAPzrABPu0XuKrQgg_kdjrCBnTcbQtorKbIu2BTRpFmciwO6NvJGeYAb7AlSN9PlyY_dlgBS74x-K8EGx1VAqBLaqrPyy4KMdlheeUUEIsANkkKJqu0oC9_7zZpV1DZLKRa1j8yMURrh1V-7z871sZ9q4-398eIQ4tZMxnPBVOBEVhph1VkpRCEp8aRQ7_pjYrTlHmmGDGKULm9sFCuGXNjzoBKrjSYPRG_RZwKGkiEp-a4hohWhS4FEQEFKybC5h0iI6dBisoBcrmg-yXBa7ZUHms61d2g96Mljff9jbK7nPxJc7D_R20jxhy382iaD6PH7YEnKPg0EWwJc_gJgVXRlS8c0ATwXPwGl2X7YmNgspm1yBQCwlMC9utEH4LMUO-OuIbl5xu7qztwl1Fo9HC_T_km2r4y-MDl8MXJjaJrcjjuvPX3cQ1XmftOpPnLIbxYixVBkdFvQkITPyRjtcdiyIypCW2ERI2ivZdxS-o-aZ_6jMARcwe8TX1aBqynrifiVw9MSOvDL3TNxVJfCxI3N-1Yc4Gb4QNPyjyhmcPi0TGWvC1_q2gFvgxg9QCqYZsnufIpnahpyQBxTH80qcGgd0E316b8p5A6h9W5oPZEc10cRNXMCOq2kHRmxpmhbhAkI48xqWlrWIJmWeLriZwIeplYX9jKV4n5ot5y0I10LuwqEHG55ihptZ7DEBpKgKo5AIjoIoWej8AS5_MH3uyEsQmhYe0cnecbduldV3YJUhhRmVtkKgiWQR1AvdjqsQjfqMRWl4DyLP7EftcWysFlLpvX23SSI5enBzmz-l6OeWVuuXDYSnpv3OHmSyNA7tX5QBlIA9GN68HtMFrIxQkKZGh-04vE0XvvE2NxTz--E9U9m8l_5wiMyYmApf0y3hDYQ8pGMVUNjDA-HpxuDPlxfO0JI3MOF3lJCqZRNNvU7_GX845kynooFLyYbxhenLg9RS9xK4f6eMSgIYtuTgK3YYe0Jexf4kiaecugguZgwDC4ZjQuZeFS9eJg877eUgTneQe58B5BsDL2oLea094fl5WFqPlqlvf-B-t3yRLWbNHWPGu-FXtIU8ksZVtoG1gOOSdabiQjxwtK-mx4eTPNE0A4DxwI8LpLw-mTVDOYFYVeVm0SgyYaombVjRbJhLtmVWHgmw1kJl9vzeYEUDzZG-qSejcSNHfHZWfQYCjj4hMxYDNewfYY-iDgd1huHcwuV6PFg_eTcLcKufY9cvfkPeI5MM0_8CC2GzJdSLZruoNdNDG2VJdi7PWbTnXumQtysQiTJtPUuzMZspKLYrVLFr2K-zcLyw-HU5J4fj8zrdMHXyst_hxK7LFZs7FQW7lXvy5oHQazssAiIbQSegeWNnieWDPqVhAGENj0bPEQ_jE499kCHQOjIBkxStzza5WF7DZZntDxelHKveVN7ebKZxOXEI7LET_GoCxa9-xr44cc5L-4w-u23wkoKrQTuxGIiltF-egBhz0GLTZh_fkPFnKNyj8th-UitTpTfvLbCuf3_-Q_fgnw7XFQMwQZzUkeFW9u1utUV9Ppb-ttBFzPzgRGkQJLMkx9bKO4IcLNzw88YtBcRGIxwAh0yj1wwEcZxM5PRKZfRrU2ng6iTLw08xbyRKBbB-ti7YCL6afOv4BOOCgXcKpDHjr7fHuagytsEcU9NJ0qCNMXKinQzzZq5BDT-DaG3yvUMtGHazGa34Jm3Jcm52M6u2TerK2QhU9PPP9IS7B_isnMjLUlwzh3XDTHlOmO_51TsQFmLFI9vvmZb_cp9Oxh6GWsFyUOWC2w-mI4p9rZUVfFJ3PAUT6AZ_hhMboQaPXdovT2R8C4jdCxBpC9Y2HZrtjpy5wMe5YDRwbdYTks3NsdyEaeQ3nrPmrRgsobGjfzknvelAod2d_wSPp7rX1EUIaX7GhYhh8N97Xc7mki5xuxRfHms3SyL6fb9AwcdlMnBn7J91av9ixkSOFTJuwhrw_AdhpNGBGoxln5P4nVVsV22ytnxBRxRA7gJVEZge-0QzYq4Uf7FLoU7mMbqslYSnUfbSZqWVhr2YlJgqgdgAqs-OLMk4MbaSICfcQWhSxJ9KkSfICunZ7yTBL8ElAIlSqpbz65Tkk5zvG_aK6_SEBo8d3Go6flpsBogdXHj5Tk4WktSj_qucjH85t3SHJ0tgLnbmuknwzEzTPDdpsX6m-oVW9DX5f3uL1Cfbc4u94b9-nCbbHgPiOtVatbQdpAmD6_Qihm7hcyXEgyE8OFp_iF35y2gLN183G3Tq68H0dC937SypYxLFILZtzE_h3vu8xHv-8oAHW1g4CnNTQUxeQONpGUDd-1MNu3dG9gn9HYtijt_-XzcC4LsN5b4xB3X35UlRb2ohTjIYgkPuENqJtAyXiVTio4r8XBLQx0oFrY74cSLHanMyQAU85xMV2Rpb6wHEke0YaO4wdrJ3YbFdTcsPvlD-ySD_B5HTLK7bk-Y1oX_fyLBUN_d9sjqmSExer_ks9Ar_4nVQ5ne1HvU-4loqwurG4MvVyswd1XLJi6j8nnzu4n6kSRf3CjLBZvXRmPp3lfoQEg9Nb72k-ahOTPDa0y8ErN3D94AISoRWVBcMGRWY3ySYvkt-BYYZ2YjgIbsX-QOr1cs8cTyVapxhihiZzOkgCIYYWdJNB8Byc0tli6CuWa8eWPnooOklXvD9eBsRf-BnIO1JNvmNevhtfb1CF3h1af0l_rb54XREvika15Q-abyRbSLaYOvVJBAE70hpTtIAC-vJCxoKwQKA9Dh5D69brB8qsaY1gE0tI8QH-PNhTaJUUJr_clyac0mevAs6taJkHKbrdcSn7zPeDqVMT3wNL-ZORvG0e82oeBZnXWKaG2rOTc3et0uHcLzpMe26GXpNzF9whcuERbPY7BcALutyrfkak7dswusyPY3QXHVTfgOmllpsrSSCTu6DvDQgCHHNpXR9apO2ZKgHR9LlcBn1nHeMqx1fNCz4wkHxUlGmU_lKyXy34O5ovGwEAZP-POLi7w2Rh0Mze04s4jZoqqv6_SeDIV5nvICryjI1DhNZvpyCx5zUm72tWjmepLVA-4bR2Cl0Bo9zELlHNaP5-E9-sw0tLl7KoohKa0Boc-TsCovZWKcPMOs_KGGnG7KMCYA2SCZtFP962KytZ0G_c&cid=CAASJeRoTTsk86yUouzPuAG7gXUT1QPiWszrtcyUamDPSeo6Nx4R0Y0&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e07a3a7a2d0d0e8eadb51ad8517a84b68d3adcdead1be438e51d76e98f22dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242779&pi=t.ma~as.2784%2F13802&w=300&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656625342748&bpp=17&bdt=271&idt=175&shv=r20220629&mjsv=m202206270101&ptt=5&saldr=sa&cookie=ID%3Ddc01047ff7d83bfa-224fd8c042d30022%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZQyFBKr277imZ91sPCH8xcQoK-UQ&gpic=UID%3D0000063a4617efb8%3AT%3D1656625339%3ART%3D1656625339%3AS%3DALNI_MZdCwRSXLq7Q7Ddrnjb6yx_Nuz7kA&correlator=274280369543&frm=23&ife=1&pv=2&ga_vid=1674439292.1656625339&ga_sid=1656625343&ga_hid=1975221430&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=319788758&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44766558%2C42531605%2C42531607&oid=2&pvsid=559565331182305&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9dywiak6eq07&fsb=1&dtd=187
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33181
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7064 13 KB
5 KB 43ms
43ms Document
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 154346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 02:49:57 GMT
expires: Thu, 29 Jun 2023 02:49:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B73A 783 B
536 B 64ms
64ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b367e007532c0da845d4f68079be015707ce9eddab519a940c9fe5794ceec63d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Iq8UNtKEVf5LjXz2pnqOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-1Iq8UNtKEVf5LjXz2pnqOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 21:42:23 GMT
expires: Thu, 30 Jun 2022 21:42:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7038 106 KB
38 KB 169ms
40ms Script
text/javascript 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Jul 2022 18:12:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 7038 8 KB
3 KB 41ms
41ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4njlaiqeaUq_xzGnbMR4ZS8tfBp_OTYvgyhqAgH_nAPxhdvNi3W__iLCdiGwhHQCqy2t-2t2NEqiKw2yEU0S4Bw-ELC5HhP3gchcuF88-4sUcVElqS4L3kmL9a1WuI2DdSR0_5YtiI-d9_GJBtcFme20f1g&dbm_d=AKAmf-B3mSGb-PzyxaJfR-4LlYHfFxRrmqD14FAPzrABPu0XuKrQgg_kdjrCBnTcbQtorKbIu2BTRpFmciwO6NvJGeYAb7AlSN9PlyY_dlgBS74x-K8EGx1VAqBLaqrPyy4KMdlheeUUEIsANkkKJqu0oC9_7zZpV1DZLKRa1j8yMURrh1V-7z871sZ9q4-398eIQ4tZMxnPBVOBEVhph1VkpRCEp8aRQ7_pjYrTlHmmGDGKULm9sFCuGXNjzoBKrjSYPRG_RZwKGkiEp-a4hohWhS4FEQEFKybC5h0iI6dBisoBcrmg-yXBa7ZUHms61d2g96Mljff9jbK7nPxJc7D_R20jxhy382iaD6PH7YEnKPg0EWwJc_gJgVXRlS8c0ATwXPwGl2X7YmNgspm1yBQCwlMC9utEH4LMUO-OuIbl5xu7qztwl1Fo9HC_T_km2r4y-MDl8MXJjaJrcjjuvPX3cQ1XmftOpPnLIbxYixVBkdFvQkITPyRjtcdiyIypCW2ERI2ivZdxS-o-aZ_6jMARcwe8TX1aBqynrifiVw9MSOvDL3TNxVJfCxI3N-1Yc4Gb4QNPyjyhmcPi0TGWvC1_q2gFvgxg9QCqYZsnufIpnahpyQBxTH80qcGgd0E316b8p5A6h9W5oPZEc10cRNXMCOq2kHRmxpmhbhAkI48xqWlrWIJmWeLriZwIeplYX9jKV4n5ot5y0I10LuwqEHG55ihptZ7DEBpKgKo5AIjoIoWej8AS5_MH3uyEsQmhYe0cnecbduldV3YJUhhRmVtkKgiWQR1AvdjqsQjfqMRWl4DyLP7EftcWysFlLpvX23SSI5enBzmz-l6OeWVuuXDYSnpv3OHmSyNA7tX5QBlIA9GN68HtMFrIxQkKZGh-04vE0XvvE2NxTz--E9U9m8l_5wiMyYmApf0y3hDYQ8pGMVUNjDA-HpxuDPlxfO0JI3MOF3lJCqZRNNvU7_GX845kynooFLyYbxhenLg9RS9xK4f6eMSgIYtuTgK3YYe0Jexf4kiaecugguZgwDC4ZjQuZeFS9eJg877eUgTneQe58B5BsDL2oLea094fl5WFqPlqlvf-B-t3yRLWbNHWPGu-FXtIU8ksZVtoG1gOOSdabiQjxwtK-mx4eTPNE0A4DxwI8LpLw-mTVDOYFYVeVm0SgyYaombVjRbJhLtmVWHgmw1kJl9vzeYEUDzZG-qSejcSNHfHZWfQYCjj4hMxYDNewfYY-iDgd1huHcwuV6PFg_eTcLcKufY9cvfkPeI5MM0_8CC2GzJdSLZruoNdNDG2VJdi7PWbTnXumQtysQiTJtPUuzMZspKLYrVLFr2K-zcLyw-HU5J4fj8zrdMHXyst_hxK7LFZs7FQW7lXvy5oHQazssAiIbQSegeWNnieWDPqVhAGENj0bPEQ_jE499kCHQOjIBkxStzza5WF7DZZntDxelHKveVN7ebKZxOXEI7LET_GoCxa9-xr44cc5L-4w-u23wkoKrQTuxGIiltF-egBhz0GLTZh_fkPFnKNyj8th-UitTpTfvLbCuf3_-Q_fgnw7XFQMwQZzUkeFW9u1utUV9Ppb-ttBFzPzgRGkQJLMkx9bKO4IcLNzw88YtBcRGIxwAh0yj1wwEcZxM5PRKZfRrU2ng6iTLw08xbyRKBbB-ti7YCL6afOv4BOOCgXcKpDHjr7fHuagytsEcU9NJ0qCNMXKinQzzZq5BDT-DaG3yvUMtGHazGa34Jm3Jcm52M6u2TerK2QhU9PPP9IS7B_isnMjLUlwzh3XDTHlOmO_51TsQFmLFI9vvmZb_cp9Oxh6GWsFyUOWC2w-mI4p9rZUVfFJ3PAUT6AZ_hhMboQaPXdovT2R8C4jdCxBpC9Y2HZrtjpy5wMe5YDRwbdYTks3NsdyEaeQ3nrPmrRgsobGjfzknvelAod2d_wSPp7rX1EUIaX7GhYhh8N97Xc7mki5xuxRfHms3SyL6fb9AwcdlMnBn7J91av9ixkSOFTJuwhrw_AdhpNGBGoxln5P4nVVsV22ytnxBRxRA7gJVEZge-0QzYq4Uf7FLoU7mMbqslYSnUfbSZqWVhr2YlJgqgdgAqs-OLMk4MbaSICfcQWhSxJ9KkSfICunZ7yTBL8ElAIlSqpbz65Tkk5zvG_aK6_SEBo8d3Go6flpsBogdXHj5Tk4WktSj_qucjH85t3SHJ0tgLnbmuknwzEzTPDdpsX6m-oVW9DX5f3uL1Cfbc4u94b9-nCbbHgPiOtVatbQdpAmD6_Qihm7hcyXEgyE8OFp_iF35y2gLN183G3Tq68H0dC937SypYxLFILZtzE_h3vu8xHv-8oAHW1g4CnNTQUxeQONpGUDd-1MNu3dG9gn9HYtijt_-XzcC4LsN5b4xB3X35UlRb2ohTjIYgkPuENqJtAyXiVTio4r8XBLQx0oFrY74cSLHanMyQAU85xMV2Rpb6wHEke0YaO4wdrJ3YbFdTcsPvlD-ySD_B5HTLK7bk-Y1oX_fyLBUN_d9sjqmSExer_ks9Ar_4nVQ5ne1HvU-4loqwurG4MvVyswd1XLJi6j8nnzu4n6kSRf3CjLBZvXRmPp3lfoQEg9Nb72k-ahOTPDa0y8ErN3D94AISoRWVBcMGRWY3ySYvkt-BYYZ2YjgIbsX-QOr1cs8cTyVapxhihiZzOkgCIYYWdJNB8Byc0tli6CuWa8eWPnooOklXvD9eBsRf-BnIO1JNvmNevhtfb1CF3h1af0l_rb54XREvika15Q-abyRbSLaYOvVJBAE70hpTtIAC-vJCxoKwQKA9Dh5D69brB8qsaY1gE0tI8QH-PNhTaJUUJr_clyac0mevAs6taJkHKbrdcSn7zPeDqVMT3wNL-ZORvG0e82oeBZnXWKaG2rOTc3et0uHcLzpMe26GXpNzF9whcuERbPY7BcALutyrfkak7dswusyPY3QXHVTfgOmllpsrSSCTu6DvDQgCHHNpXR9apO2ZKgHR9LlcBn1nHeMqx1fNCz4wkHxUlGmU_lKyXy34O5ovGwEAZP-POLi7w2Rh0Mze04s4jZoqqv6_SeDIV5nvICryjI1DhNZvpyCx5zUm72tWjmepLVA-4bR2Cl0Bo9zELlHNaP5-E9-sw0tLl7KoohKa0Boc-TsCovZWKcPMOs_KGGnG7KMCYA2SCZtFP962KytZ0G_c&cid=CAASJeRoTTsk86yUouzPuAG7gXUT1QPiWszrtcyUamDPSeo6Nx4R0Y0&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 21:37:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 7038 27 KB
10 KB 41ms
41ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 21:40:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1EEC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1&C=1

43 B
907 B

133ms
121ms

Image
image/gif

104.18.18.126

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCqpPCiAxi6kKnJATAB&v=APEucNXMp7L7JMGYMCJvnUtKyy6fkaVOZMfXw4huFbaJNE4tc9aZcI673vEl4PuvjRvkaYvB32Xl1lrSdICQdGosC70Zzq4uJg
Protocol: H3
Server: 104.18.18.126 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 723a124fc94362b7-ORD
pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrQbZ8arbmT64Blx0BzaYNcvm2ybbt%2BmcaGjpAr%2FQtDOF8bEKndNVue8jqcPElCNCe6rvTtT8JFEklOH%2BzBYl0MsCNVwp%2FSurer9PkV9zn4vJOqJOmcl3NOCaoURyS4EDvWbGSIzj0Qutg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUgyLQ6Wn%2Fp%2F2EnLIgtkL1bj8EkRJ9euw1toR3etUnLqCpsqbsOdSmuOoEh9dNUuXo8ddDVGG%2FW2EYUlkE1GIOjMY%2BXbRaT%2F67wm%2BDt1zSetp4C8Wh8gkrPcNyPp2uDBSpm0%2BRw%2FJiohvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1&C=1
cache-control: no-cache
cf-ray: 723a124eecdb2d58-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1EEC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr4Yv9pDOTXRWhibtOAmcAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1

43 B
907 B

80ms
79ms

Image
image/gif

104.18.18.126

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCqpPCiAxi6kKnJATAB&v=APEucNXMp7L7JMGYMCJvnUtKyy6fkaVOZMfXw4huFbaJNE4tc9aZcI673vEl4PuvjRvkaYvB32Xl1lrSdICQdGosC70Zzq4uJg
Protocol: H3
Server: 104.18.18.126 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 723a1250fbc662b7-ORD
pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2KZlVFK0%2Bdpb0sTg7uKBTrwrpeypeueWjLAtIJK2w7DoDXSq3vFdJK%2B4b%2F3jsblNOhF4fEdBmCU18PHgVdKDzcQbbSlcL8LsIHd4MNYJqGZDI%2B3q0d8Ydxu4FbuimsXmVdMulx4xKR4Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECl9wOj32ILY04jUKt8SCHk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1EEC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMaoiuXWSrOAmsfFjLhfE6U&google_cver=1

43 B
1018 B

152ms
64ms

Image
image/gif

68.67.179.135
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMaoiuXWSrOAmsfFjLhfE6U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCqpPCiAxi6kKnJATAB&v=APEucNXMp7L7JMGYMCJvnUtKyy6fkaVOZMfXw4huFbaJNE4tc9aZcI673vEl4PuvjRvkaYvB32Xl1lrSdICQdGosC70Zzq4uJg

Protocol

HTTP/1.1

Server

68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 21:42:23 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 557e95b1-23ea-49f2-8836-fa718063d424
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMaoiuXWSrOAmsfFjLhfE6U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EEC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTQzMjY5MTE1NzYzNDMyNQ%3D%3D

170 B
188 B

63ms
62ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTQzMjY5MTE1NzYzNDMyNQ%3D%3D

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 21:42:23 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 287096b5-29c8-4f8d-a632-7e1758f91304
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTQzMjY5MTE1NzYzNDMyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7038 41 KB
15 KB 42ms
42ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 18:13:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2600 1 KB
749 B 42ms
41ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 19:22:06 GMT
etag: 48472445140208031
expires: Fri, 01 Jul 2022 19:22:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7064 36 KB
14 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:22:50 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C2DD 22 KB
8 KB 42ms
41ms Document
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 271715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 18:13:48 GMT
expires: Tue, 27 Jun 2023 18:13:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2600
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEDNU4Pimp-gs-joqFsTLXJk&google_cver=1&google_push=ARnp8GCPosS0dHirlgyBrSMAzmJ7duzOYN9alRhc7a75TW7yE3aJrmFm5gDwdJtKW-ajYbGGR982dC158YIhY1bo174uz-6R4TlS
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dARnp8GCPosS0dHirlgyBrSMAzmJ7duzOYN9alRhc7a75TW7yE3aJrmFm5gDwdJtKW-ajY...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ARnp8GCPosS0dHirlgyBrSMAzmJ7duzOYN9alRhc7a75TW7yE3aJrmFm5gDwdJtKW-ajYbGGR982dC158YIhY1bo174uz-6R4TlS&google_cver=1&googl...

170 B
188 B

57ms
57ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ARnp8GCPosS0dHirlgyBrSMAzmJ7duzOYN9alRhc7a75TW7yE3aJrmFm5gDwdJtKW-ajYbGGR982dC158YIhY1bo174uz-6R4TlS&google_cver=1&google_gid=CAESEDNU4Pimp-gs-joqFsTLXJk&google_hm=UTcwOTkxMTc0MzE5NDMwNjgzNjY=

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 30 Jun 2022 21:42:24 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ARnp8GCPosS0dHirlgyBrSMAzmJ7duzOYN9alRhc7a75TW7yE3aJrmFm5gDwdJtKW-ajYbGGR982dC158YIhY1bo174uz-6R4TlS&google_cver=1&google_gid=CAESEDNU4Pimp-gs-joqFsTLXJk&google_hm=UTcwOTkxMTc0MzE5NDMwNjgzNjY=
Cache-Control: max-age=37733
Connection: keep-alive
Content-Type: text/html
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2600
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPK52E4d5YNP9NU3ZU44Sxw&google_cver=1&google_push=ARnp8GDHJMRbbCDmFiofxpNBhaLbhUBdR-fhXyCYy8MHq_qF7MWYLAEkyHpTyyz9H9dW4CfkKmZ2trBTcyHa93Gw...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDHJMRbbCDmFiofxpNBhaLbhUBdR-fhXyCYy8MHq_qF7MWYLAEkyHpTyyz9H9dW4CfkKmZ2trBTcyHa93Gw-uzSkofvPTU

170 B
188 B

60ms
59ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDHJMRbbCDmFiofxpNBhaLbhUBdR-fhXyCYy8MHq_qF7MWYLAEkyHpTyyz9H9dW4CfkKmZ2trBTcyHa93Gw-uzSkofvPTU

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 30 Jun 2022 21:42:23 GMT
Server: MT3 4475 c1dc35a master iad-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDHJMRbbCDmFiofxpNBhaLbhUBdR-fhXyCYy8MHq_qF7MWYLAEkyHpTyyz9H9dW4CfkKmZ2trBTcyHa93Gw-uzSkofvPTU
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 30 Jun 2022 21:42:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2600
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGJ3_8GcsNiG8BhkaDI6jwg&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MTdmOGQyYTEtYjljNi00MDM3LTg3NWUtMWM4NGZmYjA5OWVj&google_gid=CAESEGJ3_8GcsNiG8BhkaDI6jwg&google_cver=1&google_push=ARnp8GAS...

170 B
188 B

59ms
59ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MTdmOGQyYTEtYjljNi00MDM3LTg3NWUtMWM4NGZmYjA5OWVj&google_gid=CAESEGJ3_8GcsNiG8BhkaDI6jwg&google_cver=1&google_push=ARnp8GASwWdy_y9a8OQoQe0nuaTJ-jLt1JKwAPrThmJzJjS_DJJMG7ZFNisEd2lCFj4VoCa4CrpTZ_VI9Kl9vF9tjwM3YqqzINxU

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MTdmOGQyYTEtYjljNi00MDM3LTg3NWUtMWM4NGZmYjA5OWVj&google_gid=CAESEGJ3_8GcsNiG8BhkaDI6jwg&google_cver=1&google_push=ARnp8GASwWdy_y9a8OQoQe0nuaTJ-jLt1JKwAPrThmJzJjS_DJJMG7ZFNisEd2lCFj4VoCa4CrpTZ_VI9Kl9vF9tjwM3YqqzINxU
date: Thu, 30 Jun 2022 21:42:23 GMT
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2600
Redirect Chain

https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEPe5qC_5DdZn7NdMpmvTAx8&google_cver=1&google_push=ARnp8GBk0wskr0VJGGPCzwpY9AQKoZVYuCdn4SJz7dMgScwMM...
https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEPe5qC_5DdZn7NdMpmvTAx8&google_cver=1&google_push=ARnp8GBk0wskr0VJGGPCzwpY9AQKoZVYuCdn4SJz7dMgScwMM...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=ARnp8GBk0wskr0VJGGPCzwpY9AQKoZVYuCdn4SJz7dMgScwMM2zONKZysooQuhHJVsAXOPgJ3Hkt7JNoV6eeeWErmEX70EGcQ_yF&google_hm=MDYwMzAwMDFf...

170 B
188 B

67ms
65ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=ARnp8GBk0wskr0VJGGPCzwpY9AQKoZVYuCdn4SJz7dMgScwMM2zONKZysooQuhHJVsAXOPgJ3Hkt7JNoV6eeeWErmEX70EGcQ_yF&google_hm=MDYwMzAwMDFfNjJiZTE4YmZlZTE1Ng%3D%3D

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 30 Jun 2022 21:42:24 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=ARnp8GBk0wskr0VJGGPCzwpY9AQKoZVYuCdn4SJz7dMgScwMM2zONKZysooQuhHJVsAXOPgJ3Hkt7JNoV6eeeWErmEX70EGcQ_yF&google_hm=MDYwMzAwMDFfNjJiZTE4YmZlZTE1Ng%3D%3D
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2600
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKlUa4yIe_DdhdjKNZhAlGI&google_cver=1&google_push=ARnp8GDhTzaVr9TKywB35QrGxfzC4bmdtWlR59LJZy_edrnhxr6abHUThI7i5abgAd9tAxS7UWlBm-gmxyIJww_yQX...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTYxNjA0MDc1Njk0Mzg0NDQ1NjE&google_push=ARnp8GDhTzaVr9TKywB35QrGxfzC4bmdtWlR59LJZy_edrnhxr6abHUThI7i5abgAd9tAxS7UWlBm-gmxyIJww_yQXnS...

170 B
188 B

61ms
58ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTYxNjA0MDc1Njk0Mzg0NDQ1NjE&google_push=ARnp8GDhTzaVr9TKywB35QrGxfzC4bmdtWlR59LJZy_edrnhxr6abHUThI7i5abgAd9tAxS7UWlBm-gmxyIJww_yQXnS6BBT0q-W

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTYxNjA0MDc1Njk0Mzg0NDQ1NjE&google_push=ARnp8GDhTzaVr9TKywB35QrGxfzC4bmdtWlR59LJZy_edrnhxr6abHUThI7i5abgAd9tAxS7UWlBm-gmxyIJww_yQXnS6BBT0q-W
Date: Thu, 30 Jun 2022 21:42:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2600
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESELOLmCxT98bLtX_Kj9TCBn8&google_cver=1&google_push=ARnp8GDzi92v98Z7wRssny5Rez9TcvvSKMBv88DYor1h6Jan-8LK3lWICCn37YLJviOeADtheWGUXSd_aSuegrd6VS46GUU7wWPg
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ARnp8GDzi92v98Z7wRssny5Rez9TcvvSKMBv88DYor1h6Jan-8LK3lWICCn37YLJviOeADtheWGUXSd_aSuegrd6VS46GUU7wWPg&google_hm=ZzNjMDQ0Y2Q4OWY4ODE5...

170 B
188 B

58ms
58ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ARnp8GDzi92v98Z7wRssny5Rez9TcvvSKMBv88DYor1h6Jan-8LK3lWICCn37YLJviOeADtheWGUXSd_aSuegrd6VS46GUU7wWPg&google_hm=ZzNjMDQ0Y2Q4OWY4ODE5Y2ExMmI=

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:23 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ARnp8GDzi92v98Z7wRssny5Rez9TcvvSKMBv88DYor1h6Jan-8LK3lWICCn37YLJviOeADtheWGUXSd_aSuegrd6VS46GUU7wWPg&google_hm=ZzNjMDQ0Y2Q4OWY4ODE5Y2ExMmI=
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2600
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEMoe6uOgy8X3DqBBmeUgYWA&google_cver=1&google_push=ARnp8GAspP7o0mry-3NUOjmjOBABASbLV3hMaTOAgqbK13IL5t9OrWKkJGAQzsJXVJFFVjn4BkkV...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEMoe6uOgy8X3DqBBmeUgYWA&google_cver=1&google_push=ARnp8GAspP7o0mry-3NUOjmjOBABASbLV3hMaTOAgqbK13IL5t9OrWKkJGAQzsJXVJFFVj...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RGrn3V3XSvaLqQvipOWRBA==&no_redirect=1&google_push=ARnp8GAspP7o0mry-3NUOjmjOBABASbLV3hMaTOAgqbK13IL5t9OrW...

170 B
188 B

58ms
58ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RGrn3V3XSvaLqQvipOWRBA==&no_redirect=1&google_push=ARnp8GAspP7o0mry-3NUOjmjOBABASbLV3hMaTOAgqbK13IL5t9OrWKkJGAQzsJXVJFFVjn4BkkVELfIOKJP8jTDhetvmzwjS51zUQ

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=RGrn3V3XSvaLqQvipOWRBA==&no_redirect=1&google_push=ARnp8GAspP7o0mry-3NUOjmjOBABASbLV3hMaTOAgqbK13IL5t9OrWKkJGAQzsJXVJFFVjn4BkkVELfIOKJP8jTDhetvmzwjS51zUQ
date: Thu, 30 Jun 2022 21:42:24 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2600 0
12 B 57ms
55ms Image
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6FgSukQSNnINCU7_b3CRjsjF-VysP5vhg4qcnlvq0AITanwzbaAk1bZlJQgfX1bQr8A_AJQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B73A 0
0 76ms
76ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022062701&jk=3748211639333242&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17008832406504071435/300x250/ Frame D492 4 KB
1 KB 129ms
45ms Document
text/html 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d9e577539931b84a9d48e013a18f91375825f4b17fd34d39d43595475a32a71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 225112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1452
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 07:10:31 GMT
expires: Wed, 28 Jun 2023 07:10:31 GMT
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7038 0
622 B 182ms
81ms Ping
image/gif 142.250.65.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpX0gaa3AwM2fI-KTrh5uxZxRH_EKsE94z4KX5Ym45pNhkkgJU6B5lFYJeGcy1_Az_BvOAubv4NQ6trjYtXzHOw2yHekCiAsyM9B0W2c3ShLehXVID3bkXbYiKSS9YKVb-L3b51WAx_29ENyCG8B_6JJry05O4kgz0OKCoNbsuaWtXlQ8Dui7oE8WxDKbw-hptHXWFs95NRgxxk-TbAkEhMNTDnXydv-0I2h882-Z2i9afDdtgD7ir51QSrrfy1AqPE51RMS5-kDfLJY9AFZo0ybxtyufjPxt-HUk7-Q5sf5_XhyWSMO0JC-VEosAqNKM4H0HF2madp2u74KJzJOqPS6JZvT1dQwf_7jLQjMg6iX2lnUk-FQ9KLsaoSYo7EpwNRGT6oezJ6_PMwukauuGRNJT4t4nPBoOGL8Pw0KIQHKbVyUigjvKNzgkiuxkJWcAWPKBaFCHQG9Wo0-7EeMx6OsMsDTlkDdU5tbFQupShoUVsnbOY0N8liyrPYfdrr0ZvjCRhiHwmDeCFIar0PhWww0dH8rtFvPMtCzNs3TgpYpZQJHBPI-lkluACx25-_YCgKU_H-vc7AQKy0YXO3eT8kHxQK0r67hD5IUG-XQrB410CgKAZvBNhCAtufy_rWBbgbYZsFH9D79eYO98255T8ti3Pv1ah0XudbRm_Wm7D1g-DFLsT4miAG0RVpDcRndYMD45l5uz_SPW5EPCCvLdKpuydLZQqUZDKlmQGLYPPueTnPLH8dXmCnWM3lG34l_61c4LaEqkLil63C9mHVJ1WWvdEcUdPXV5QeF2-HJgopv-vDwACOiE5ElVGh9SoiGWDXFd4TgTwqDbfPjH_4GyN2x4LhQdKkZO7U23FNyEIlOf4zgzR5ZX6I6XMFUnaFNORIBWkRZDG7PyDVETz3Q0EjpOx3wlmvI-o0nKb2vYZhxS9ahHJx7JtmwMXM22gdzymqN_TVrAEGr6hobJe-xqBm3tg0yVQuGarQimDLqMhuxgPylb44UyhzGek678lndknqrmaWIbvDf7u4lxxNnbcDboI48yrjbl7W7uhDKsrOnJHiBuY4lDJXfCjb7wkBmsBRAZpRb8SiwXb9jj5iFyFN6czx5lxiZGHKJ9Qu5munCS18P4WrlH7O9MDWwlWCZ3Ifo7iAcHXweyfCyPRx9fv5NURFcxFQBRIIcjrzR17Fdhym2kXL2INHyqeABiwyBRgt_AWVrKpo4MSh16i7ziDG5ofhCbl7_Ba2ieRxTA&sai=AMfl-YSa_JU4v9u7hvEc7k0acYYCpPANfcBp0HZf5cKdvlR7IUj9yn0nkQ8LN__uRA3v8CxJz562r28fhk_5DjLt19HY8Yo33iA5IUrKv5nMDrzMlvr4I-WLCpzKjQd6NfPwhEBNrmnkoBR8LsOyftIqUUE3C2KkDpmuFJ2KdxpFt4h03xnL76bXyE46nOqVI_nJ4eIbr5LAGKugSpoMI53DKLCE&sig=Cg0ArKJSzO-TqnEmU3R_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&cbvp=1&cstd=241&cisv=r20220629.48432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 30 Jun 2022 21:42:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 jquery-1.7.2.min.js Show response
code.jquery.com/ Frame 265A 93 KB
33 KB 89ms
28ms Script
application/javascript 2001:4de0:ac18::1:a:2b

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.2.min.js
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:23 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-17278"
vary: Accept-Encoding
x-hw: 1656625343.dop008.ch4.t,1656625343.cds117.ch4.hn,1656625343.cds265.ch4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33626

GET
DATA 200
OK truncated
/ Frame 7038 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c42df997eb269c0d77e9c4d34ceedcb090bd4eca802906fc7484dfcf6437774

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame C2DD 36 KB
14 KB 41ms
41ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:22:50 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 999D 1 KB
1 KB 115ms
114ms Document
text/html 143.204.146.9

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=52
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.9 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2411
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 21:02:14 GMT
etag: W/"583295c9-4dc"
expires: Thu, 07 Jul 2022 21:02:13 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 f0f871e82b1bc21a8b78c1d73717a40a.cloudfront.net (CloudFront)
x-amz-cf-id: 4NRP8rikHLNSWZsEhRp9yQ8K9Hus-ZFcNkgmZFzpfj8i16SFY23xeQ==
x-amz-cf-pop: EWR52-C2
x-cache: Hit from cloudfront

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ Frame 265A 10 KB
3 KB 229ms
229ms XHR
text/javascript 210.59.219.175

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.36755856784450724
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e921a189daa8af986c630f8e8e1237325f1a64dc3c2bda3edc9df706a7917bae

Request headers

Accept: */*
Referer: https://reurl.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 30 Jun 2022 21:42:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/javascript; charset=utf-8
Content-Length: 2839

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17008832406504071435/300x250/css/ Frame D492 1 KB
387 B 49ms
49ms Stylesheet
text/css 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b1aeaa1d2e1da2717e6913eced18f1e909a4871512dc58b2ba43f09d3532346d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 18:04:26 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/ Frame D492 49 KB
49 KB 49ms
49ms Image
image/jpeg 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8cc7739a68d9e5512a5f63da9ba8c4fe440f73178dc5cf73b7f9cf0c3a65f498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:00:38 GMT
x-content-type-options: nosniff
age: 236506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50192
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 04:00:38 GMT

GET
H3 200 yellowBg.png
s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/ Frame D492 3 KB
3 KB 46ms
44ms Image
image/png 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/yellowBg.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e4c87859a5ec52d41b9a03b88d4427abb910d9718f96a11a7a7e7f54d9c2850e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 10:18:34 GMT
x-content-type-options: nosniff
age: 213830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2817
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 10:18:34 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/ Frame D492 4 KB
4 KB 57ms
55ms Image
image/png 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6deb09ef8eac770dec1ef731707267e67e8aa0bb2990e5e1c27ecb97b69476b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:00:38 GMT
x-content-type-options: nosniff
age: 236506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3882
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 04:00:38 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/ Frame D492 6 KB
6 KB 54ms
52ms Image
image/png 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cfaae9574a55e32619544075c2b6fd2a434804201c93a6d5aa62355d828ccec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:00:38 GMT
x-content-type-options: nosniff
age: 236506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6544
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 04:00:38 GMT

GET
H3 200 copy1.png
s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/ Frame D492 7 KB
7 KB 46ms
45ms Image
image/png 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/copy1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

136ba6a013cbbce9fa813f3593cc53ddd2773a330c3914dc4646a8db359cc1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:54:55 GMT
x-content-type-options: nosniff
age: 233249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6732
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 04:54:55 GMT

GET
H3 200 copy2.png
s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/ Frame D492 8 KB
8 KB 54ms
53ms Image
image/png 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/copy2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1db0e4bcf0deee4c9173ec67886c766e61f12a6be499d2f87aca0fe2c89dee2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:46:45 GMT
x-content-type-options: nosniff
age: 222939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 07:46:45 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/ Frame D492 6 KB
6 KB 58ms
57ms Image
image/png 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d6ea564a89ea4015ef06ef8b50b3ad49acfbe938ea29f507c7c8f9403191be13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:00:38 GMT
x-content-type-options: nosniff
age: 236506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6360
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 04:00:38 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D492 105 KB
35 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 21:42:24 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/17008832406504071435/300x250/js/ Frame D492 1 KB
422 B 46ms
45ms Script
application/x-javascript 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7575cf85e27f8e76b56195af1344a8998cae6eaa065239e61eac515278bc9d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17008832406504071435/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 393
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:25:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 04:55:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7064 0
9 B 45ms
41ms Image
text/plain 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IatCWA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 21:42:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET initid.aspx
bw.scupio.com/ssp/ Frame 999D 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2DD 0
20 B 70ms
69ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFI7Cvxi-YtHTH9PC_gTbuqH4DQAAAAA4AeAEAg&bg=!oKOlo-fNAAaLlKKnq5Q7ACkAdvg8WnzXCeyAiWpn7GK2pRkWaEON_X7RfsSf3wzcT9bUcCiSJIgF2AIAAAB0UgAAAAJoAQeZAwszXwOjBsO7E97qQfxm-ZI6CAGQEbP-drAWklMGY-8eucKPiazXcfcsh4sO_jIV3vH95pf3Ep67BxH_3fCIgH8xBTGlSomqCzLcVmnQJNAjF3ankaabM0yVVZ70-MkUJJ0M_lsniQoP46Z2u_2LfNQ0ptLX2QC8gPqUFzt_6c6eBEPoJHs3EEbgrlxv-RhsyvMc17ryBChFaO5mRfkvV7MOH1EhOWReG9tord0vkC7spY2Y9_n2NSq87gprxQwpqSoLxsOhK3UT6aXNDNumvs6LriLF4YKfj2OeJDCbwb_yVxoR78vV2UwjM7GydZuj5lYCJFuBTgy2nHJhlRyTXKXyjIfZLK3hCufM_tZbjvxI2KJIqmfKB29y-i6O0-Na9uWMdVJNJcXTX7dzRRtJ3MM2GRuoae8UVTm0VdUCRt1BiVIff3n6VfGM1TCeqdK-dpTTxyiNMsGpxPaBOHlz5Fd5TKakWYtpB34tflgbpagTRK9p08v-vOhAGtUrYB4-DKY9RrtBHX3O0iSQSszaJpRdopWBVconXIeiHtEaW6vqS9vaAGDYYwN8PT0JoaI11QkpjoCVFEksCCLP1ajL6NafEPKTH_JY7lgZzzCDrSwL7UdjlT2U9IxoAl_L1ZWzkt59skNu6c-apjp74aY5LH4Z5S8Bc-br_tCQD9HfNqir9WSwWH0kg0olQOnAbHarKCpozQRZHr8-liSpj3rDm7cRfA0KDwyA76G_ChUpmlF0Pn3EboeWWlsZzNraukCv2y2Q-9mm68Nr4cjbK1OtZyDXE1vpuHzFRN0sBxMWM97_BRHMihci7mNlTjav5u7nZSKZtjSfAPXNhtnDEUfMViKoE03UiDZQRKUu6BuzYXqcA6l5OZEzQndNl5aPvUnF2wT3AiT_NgaYJnLob7InWZda52jo7W6tzlUs5dlm0tNBOTz6TG9P4Sdt2vzGfgxwYsCNPfh4UXI-5RA4_TlvOTaceKZ9ed1Ds0lDDKPS1OHACAoGRkzeoy9tEdwxtirIYE0pmM-kMebhYQtk4g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:42:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7038 0
26 B 155ms
72ms Ping
image/gif 142.250.65.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpX0gaa3AwM2fI-KTrh5uxZxRH_EKsE94z4KX5Ym45pNhkkgJU6B5lFYJeGcy1_Az_BvOAubv4NQ6trjYtXzHOw2yHekCiAsyM9B0W2c3ShLehXVID3bkXbYiKSS9YKVb-L3b51WAx_29ENyCG8B_6JJry05O4kgz0OKCoNbsuaWtXlQ8Dui7oE8WxDKbw-hptHXWFs95NRgxxk-TbAkEhMNTDnXydv-0I2h882-Z2i9afDdtgD7ir51QSrrfy1AqPE51RMS5-kDfLJY9AFZo0ybxtyufjPxt-HUk7-Q5sf5_XhyWSMO0JC-VEosAqNKM4H0HF2madp2u74KJzJOqPS6JZvT1dQwf_7jLQjMg6iX2lnUk-FQ9KLsaoSYo7EpwNRGT6oezJ6_PMwukauuGRNJT4t4nPBoOGL8Pw0KIQHKbVyUigjvKNzgkiuxkJWcAWPKBaFCHQG9Wo0-7EeMx6OsMsDTlkDdU5tbFQupShoUVsnbOY0N8liyrPYfdrr0ZvjCRhiHwmDeCFIar0PhWww0dH8rtFvPMtCzNs3TgpYpZQJHBPI-lkluACx25-_YCgKU_H-vc7AQKy0YXO3eT8kHxQK0r67hD5IUG-XQrB410CgKAZvBNhCAtufy_rWBbgbYZsFH9D79eYO98255T8ti3Pv1ah0XudbRm_Wm7D1g-DFLsT4miAG0RVpDcRndYMD45l5uz_SPW5EPCCvLdKpuydLZQqUZDKlmQGLYPPueTnPLH8dXmCnWM3lG34l_61c4LaEqkLil63C9mHVJ1WWvdEcUdPXV5QeF2-HJgopv-vDwACOiE5ElVGh9SoiGWDXFd4TgTwqDbfPjH_4GyN2x4LhQdKkZO7U23FNyEIlOf4zgzR5ZX6I6XMFUnaFNORIBWkRZDG7PyDVETz3Q0EjpOx3wlmvI-o0nKb2vYZhxS9ahHJx7JtmwMXM22gdzymqN_TVrAEGr6hobJe-xqBm3tg0yVQuGarQimDLqMhuxgPylb44UyhzGek678lndknqrmaWIbvDf7u4lxxNnbcDboI48yrjbl7W7uhDKsrOnJHiBuY4lDJXfCjb7wkBmsBRAZpRb8SiwXb9jj5iFyFN6czx5lxiZGHKJ9Qu5munCS18P4WrlH7O9MDWwlWCZ3Ifo7iAcHXweyfCyPRx9fv5NURFcxFQBRIIcjrzR17Fdhym2kXL2INHyqeABiwyBRgt_AWVrKpo4MSh16i7ziDG5ofhCbl7_Ba2ieRxTA&sai=AMfl-YSa_JU4v9u7hvEc7k0acYYCpPANfcBp0HZf5cKdvlR7IUj9yn0nkQ8LN__uRA3v8CxJz562r28fhk_5DjLt19HY8Yo33iA5IUrKv5nMDrzMlvr4I-WLCpzKjQd6NfPwhEBNrmnkoBR8LsOyftIqUUE3C2KkDpmuFJ2KdxpFt4h03xnL76bXyE46nOqVI_nJ4eIbr5LAGKugSpoMI53DKLCE&sig=Cg0ArKJSzO-TqnEmU3R_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=574&vt=11&dtpt=329&dett=3&cstd=241&cisv=r20220629.48432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 21:42:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DF42 14 KB
10 KB 65ms
64ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2918b9f7e01493db56ac3f5c9830d07f7466333c77f013fd1432c5dd7be35276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 21:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10611
x-xss-protection: 0

GET
H2 200 ad482.js Show response
img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/ Frame 265A 20 KB
8 KB 45ms
45ms Script
application/javascript 143.204.146.9

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/ad482.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.9 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: fb1187baa65231a848964f2449466ec640ff12eb0b0ca21f65c7016de49be9a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 06:55:45 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 06:47:32 GMT
server: nginx/1.12.1
age: 744399
etag: W/"62b2bb04-4e6c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: FbVGvXlEHaWOgyGgIl6YA8w_F5VcaUPe3qCDe_uAbD0xSzm6GPalaA==
via: 1.1 f0f871e82b1bc21a8b78c1d73717a40a.cloudfront.net (CloudFront)
expires: Thu, 22 Jun 2023 06:55:45 GMT

GET
H2 200 CoverImage.js Show response
img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/ Frame 265A 1 KB
1 KB 45ms
45ms Script
application/javascript 143.204.146.9

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/CoverImage.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.9 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 06:54:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 06:47:32 GMT
server: nginx/1.12.1
age: 744466
etag: W/"62b2bb04-54d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: pxDq7NmJ_bWJPcKXHCuZgPqUfXyBy2pdhUIwUJuhl_jmMucykne9og==
via: 1.1 f0f871e82b1bc21a8b78c1d73717a40a.cloudfront.net (CloudFront)
expires: Thu, 22 Jun 2023 06:54:38 GMT

GET css2
fonts.googleapis.com/ Frame 265A 0
0

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame DF42 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bw.scupio.com
URL: https://bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.35896457479684796&mid=52

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;900

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;900

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
reurl.cc/	1970-01-20 12:56:01	Name: clientIdV2 Value: cffba54ebbd5e8cf93ab7eac0b71c567f339af903af82426cc01212d073f5e8d9b43766a822a10e344df7d66262b05e49b53ffef00d0dd2f64fb826ac1c15c26d74dc1cf3f647a5e8e734371
reurl.cc/	1970-01-20 12:56:01	Name: clientId Value: cffba54ebbd5e8cf93ab7eac0b71c567f339af903af82426cc01212d073f5e8d9b43766a822a10e344df7d66262b05e49b53ffef00d0dd2f64fb826ac1c15c26d74dc1cf3f647a5e8e734371
reurl.cc/	1970-01-20 12:56:01	Name: lang Value: en
.reurl.cc/	1970-01-20 21:41:37	Name: _ga Value: GA1.2.1674439292.1656625339
.reurl.cc/	1970-01-20 04:11:51	Name: _gid Value: GA1.2.2128540723.1656625339
.reurl.cc/	1970-01-20 04:10:25	Name: _gat Value: 1
.holmesmind.com/	1970-01-23 19:47:22	Name: P Value: 594277-FyYCBEAIauRNGHPnlY4kJ1QtSEf89ZbO
.holmesmind.com/	1970-01-20 04:31:32	Name: Vision Value: 20220701-23:59,20220701-08,20220701-08,20220701-23:59
.holmesmind.com/	1970-01-20 04:31:32	Name: C Value: null
.holmesmind.com/	1970-01-20 06:35:22	Name: RK Value: null
.reurl.cc/	1970-01-20 06:20:01	Name: _fbp Value: fb.1.1656625339470.489429192
reurl.cc/	1970-01-20 04:53:37	Name: CFFPCKUUID Value: 1832-8Lbp2LW7lcM8J1GLkmdKpYdWPtD1wQPM
.reurl.cc/	1970-01-20 04:53:37	Name: CFFPCKUUIDMAIN Value: 533-5BOs13xXrn9qSzZoeIjrYefWM5fmKvwV
.reurl.cc/	1970-01-20 13:32:01	Name: __gads Value: ID=dc01047ff7d83bfa-224fd8c042d30022:T=1656625339:RT=1656625339:S=ALNI_MZQyFBKr277imZ91sPCH8xcQoK-UQ
.reurl.cc/	1970-01-20 13:32:01	Name: __gpi Value: UID=0000063a4617efb8:T=1656625339:RT=1656625339:S=ALNI_MZdCwRSXLq7Q7Ddrnjb6yx_Nuz7kA
.facebook.com/	1970-01-20 06:20:01	Name: fr Value: 0oykemRItH7Bx9AHo..Bivhi7...1.0.Bivhi7.
.holmesmind.com/	1970-01-20 04:11:51	Name: fcm Value: 1
.doubleclick.net/	1970-01-20 21:41:37	Name: IDE Value: AHWqTUlT7u9MpkRQzTmj-lQS9JAdbDwCXefHHvyZpsHyeWHjeDBpOjZKIy4wENXz8E8
.hinet.net/	1970-01-20 21:41:37	Name: uuid Value: 28d36932-5c75-4e23-b5d4-239bab842394
.mookie1.com/	1970-01-20 13:39:13	Name: id Value: 10522590165993922806
.mookie1.com/	1970-01-20 13:39:13	Name: mdata Value: 1\|10522590165993922806\|1656625339979
.mookie1.com/	1970-01-20 13:39:13	Name: ov Value: bdaf750dc750803ffc61d833d434adcc
.reurl.cc/	1970-01-20 12:56:01	Name: __htid Value: 28d36932-5c75-4e23-b5d4-239bab842394
.reurl.cc/	1970-01-20 04:10:28	Name: _ht_em Value: 1
.c.appier.net/	1970-01-20 12:56:01	Name: _auid Value: t63Dvz-GAd-YnmCivBi-Yg
.holmesmind.com/	1970-01-20 04:31:32	Name: R Value: null
.holmesmind.com/	1970-01-20 06:35:22	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-23 19:47:22	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/	1970-01-20 04:11:51	Name: _ht_50ef57 Value: 1
.reurl.cc/	1970-01-20 04:11:51	Name: _ht_hi Value: 1
.criteo.com/	1970-01-20 13:32:01	Name: uid Value: 88eac435-fb8a-4dfe-99e7-02c75ea8e469
.aralego.com/	1970-01-20 12:56:01	Name: sspid Value: 33204050-ea91-3438-b57c-90d30a5a3316
.reurl.cc/	1970-01-20 13:32:01	Name: cto_bundle Value: VQlkY19oUEpRamZ1VGNvY3JjTWhrWk8zV3pqbG1YUG8xN1hvZjd5YXEzZWdLNTdwWW9qRGZNQ2J2UmhYdVBFUmxpQ0xjNDdQVHpsdXU2N1hiR0lCQ1FObXlRN3dvbGx5MzFHTnUycGgwMkF0eUZvVkFXT3FUJTJGRmFVOHQzN09qWSUyRllhdkZFTWlMcmVMZllzbm00QVI5Um54REhBJTNEJTNE
.aralego.com/	1970-01-20 12:56:01	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 12:56:01	Name: gdpr Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28d36932-5c75-4e23-b5d4-239bab842394.t.ssp.hinet.net
ad.holmesmind.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yieldmo.com
adservice.google.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
c.us1.dyntrk.com
ccm.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
creditcards.com.tw
dsp.adkernel.com
dsum-sec.casalemedia.com
f25fe1c71078ecfa622f900009c1dbd5.safeframe.googlesyndication.com
fcm.holmesmind.com
fonts.googleapis.com
fp.holmesmind.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i0.wp.com
ib.adnxs.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
mug.criteo.com
mweb.ck.inmobi.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-asia.creativecdn.com
prebid.scupio.com
px.owneriq.net
rec.scupio.com
reurl.cc
rtb.mfadsrvr.com
s0.2mdn.net
securepubads.g.doubleclick.net
static-tagr.gd1.mookie1.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
sync.aralego.com
sync.mathtag.com
t.ssp.hinet.net
tpc.googlesyndication.com
tw-gmtdmp.mookie1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
bw.scupio.com
fonts.googleapis.com
tpc.googlesyndication.com
103.132.192.30
104.117.59.235
104.18.18.126
104.45.178.220
104.66.251.81
13.112.127.33
135.148.35.200
138.199.40.58
142.250.65.226
142.251.32.98
142.251.40.194
143.204.146.9
172.105.235.90
174.137.133.49
192.0.77.2
192.0.78.135
192.0.78.236
192.96.200.41
199.115.117.82
2001:4de0:ac18::1:a:2b
203.75.214.136
210.59.219.175
210.59.219.181
2600:9000:202c:ae00:3:1794:2540:93a1
2600:9000:2162:e000:0:e06c:e940:93a1
2606:4700:20::681a:467
2606:4700:3032::6815:43a6
2606:4700:3034::ac43:961f
2606:4700::6810:5814
2606:4700::6811:180e
2607:f8b0:4004:c17::9a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2006
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2004
2620:100:a001::4
2620:100:a001::c
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
34.102.176.152
34.117.219.39
34.149.98.30
34.225.205.223
34.95.67.231
34.96.119.68
35.185.130.121
35.201.76.93
35.207.24.140
35.227.202.26
35.227.249.156
35.244.196.223
54.238.107.229
68.67.179.135
74.119.119.129
74.119.119.139
74.121.140.14
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
003c6c7476d2158d18f48473e7071c87f48e8e1cf957343020a148c97ba30482
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fc5eede87ce2644e673193b3ffce854cad06f548d8a6057acce9c0dbef3b2d
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
0277aa0cf7602f1c646402b09b87e83941c7c65efbf3b7ba93a2eb6423688289
02a11d118de5f3d9a7fda77638a07a33218aa18e1888cc0376889be1fdd8595e
051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02
07a4f1e16e855990e6dec42333590a646626e1caf234659c64a8ae9be945a61a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09533e9658b31fcb79764178f8e7e9df7e1c36a7dc7bd22b5fa87e2da89a56d4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfb22f77a86f61bf46513447bf234eeeac5ba63603293c711a5bfff8ca0cde3
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0e7a23f230ea7e2e860827f14aefd6568d4bb095df7b4db9af494b90c45fde76
10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
136ba6a013cbbce9fa813f3593cc53ddd2773a330c3914dc4646a8db359cc1b1
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
14d81a1f56c3afc885c549790618c21255c9a8a5e7e9cad92eff138ec81297d0
174d52effbb0e93f569f126045b9063772c5d181cbc5687e64ed08eed1d34c77
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1ca6fb5674f43e64627225752deab53fb6fe0e13ea45997d07c6045d634003d9
1d3709f16009ae2d03520b6032674fd905fd85243fc707c781a67297b3bcbb9a
1d5bd8192b0b2f87984fc56393fda3c03a333c39a8a68ee431d150281395f7b8
1db0e4bcf0deee4c9173ec67886c766e61f12a6be499d2f87aca0fe2c89dee2e
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
260a38fd6cc5ef58002f66b9a6efcd915c7a2035a626948e5003e5ddf727d9c8
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2918b9f7e01493db56ac3f5c9830d07f7466333c77f013fd1432c5dd7be35276
2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2d75df67f303e2bf6559edab0d806681aeb9cb8ff2f38dd1fd9b6726189291b5
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
39b79bc57fee651ab0cb7967043adea8ee929c57e88dc8608c940b1480479775
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4a75843ec2e00b2e307f31de4e6300e3ebb63e77e04139692eccc899ef6569d3
4ad763a87c855ced8dd3906f992b2c55991f27b983a55418e6dece2b1b0fe715
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5c42df997eb269c0d77e9c4d34ceedcb090bd4eca802906fc7484dfcf6437774
5f190cdef5343e34b0903462d2e9c4d4005dbf5ecbff21f5b626c64b1da3c614
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a62225a4e6e5ea098b9ed6aa19c2149880cbd6d3e0314f2b875a32b1f8ce25
6542992076ca52d7e2ce0b31aa9064ceba4716695f0db1b73c0609026fc2aee9
658dc7de923c49cdbe65e3be3df7821fbc3350c1ee8f3abc61d4b6f88e2798a9
69ac378c92e73fd9f95ce5d8100304fd424362d2079d2d7898f0ef0c3ac125f0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6deb09ef8eac770dec1ef731707267e67e8aa0bb2990e5e1c27ecb97b69476b1
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
756efd9fbbdf83c3337fd83e88bb9e48410931d4446850c597710fed4c9cb4c7
7575cf85e27f8e76b56195af1344a8998cae6eaa065239e61eac515278bc9d2f
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58
7f46e8dbcf34af695c2eb803b2aac9e384b83111e203816bffd9b6a9880a8804
820360cb8edd61a2c26690730f947fd1e8866700a32b7679006cbc9b25a93ce8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84faa0382ce8a481c78c9be4a6aff3d5ad24fd1e9e13fa8209705ed599daf0ed
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
8684d7f55158ce26be099d38dbf7b5ccf37a302539f6576f553a761367cfa02c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cc7739a68d9e5512a5f63da9ba8c4fe440f73178dc5cf73b7f9cf0c3a65f498
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8f61bd096e382919f3f024ce35ac5c0c7a15ba7d887ac413955282cfbc10ec36
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9e07a3a7a2d0d0e8eadb51ad8517a84b68d3adcdead1be438e51d76e98f22dc0
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a93f716cf27b006ca9b1cf4379be09a005335f365b3295659a07733c6c2127e1
aa2910d5b194360204fbd991cd46dd0d5d7df9613b4b25d64606143939622f63
aeb34c4fe0c4ac40366c43bbc38ab9c1186d7f842eb5976c71aa7605e6ed9813
aeb63af102f5c2c830253e989845a55307bf225c46e0e47bca4f8422b7750a99
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1aeaa1d2e1da2717e6913eced18f1e909a4871512dc58b2ba43f09d3532346d
b367e007532c0da845d4f68079be015707ce9eddab519a940c9fe5794ceec63d
b3d40e2585c8690067b86558f4e4c103f3e9cd2375b64ba54ee483086f88e6ea
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
b959038d7366d023b60b04d1d8a2d721f983f16ae6019fedad7a2cd6aca0d1b1
be2ac168a90e5b9537ae6158829bf0e0fbd819775147d618c47682c19944c829
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c0b16f948f2728e2e2a8fdd00aa04588b4ab6ca379da02e9bd9701908e2f543e
c459ca0a26510a1a84a8fae1a943563c00834327312f399d5c47f7cddc1d7ebe
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c8d85f1b469075f92f46deb83d62869a35c9f166c9345ed367c17ef9408f9bd7
cdb7b46cae42cd81431bbd6892f43d4f84508bf5fb2bde0ae32bc577ce26d275
cfaae9574a55e32619544075c2b6fd2a434804201c93a6d5aa62355d828ccec9
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d6ea564a89ea4015ef06ef8b50b3ad49acfbe938ea29f507c7c8f9403191be13
d9e577539931b84a9d48e013a18f91375825f4b17fd34d39d43595475a32a71b
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
daf2f71db1f1c47bab32b68948278c22a0a72d3e72a4d414fcf7afb59bf22434
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4c87859a5ec52d41b9a03b88d4427abb910d9718f96a11a7a7e7f54d9c2850e
e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7
e921a189daa8af986c630f8e8e1237325f1a64dc3c2bda3edc9df706a7917bae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3481bf12191837d5e19d9526f18fd20fc88395a403c1a0b098eeef10a7f56ab
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fb1187baa65231a848964f2449466ec640ff12eb0b0ca21f65c7016de49be9a8
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

246 Requests

88 %HTTPS

36 %IPv6

42 Domains

66 Subdomains

53 IPs

4 Countries

3247 kBTransfer

5529 kBSize

35 Cookies

19 Outgoing links

Page URL History

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

88 %
HTTPS

36 %
IPv6

42
Domains

66
Subdomains

53
IPs

4
Countries

3247 kB
Transfer

5529 kB
Size

35
Cookies

246 HTTP transactions
1 data transactions