Submitted URL: http://reurl.cc/a7d82y
Effective URL: https://reurl.cc/a7d82y
Submission Tags: falconsandbox
Submission: On July 12 via api from US — Scanned from DE

Summary

This website contacted 68 IPs in 12 countries across 47 domains to perform 392 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 203216.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
69 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 132510
fcm.holmesmind.com — Cisco Umbrella Rank: 144653
c.holmesmind.com — Cisco Umbrella Rank: 100693
adcdn.holmesmind.com — Cisco Umbrella Rank: 132082
ad.holmesmind.com — Cisco Umbrella Rank: 88500
fp.holmesmind.com — Cisco Umbrella Rank: 130147
m.holmesmind.com — Cisco Umbrella Rank: 231188
ccm.holmesmind.com — Cisco Umbrella Rank: 256248
191 KB
46 scupio.com
img.scupio.com — Cisco Umbrella Rank: 62462
bw.scupio.com — Cisco Umbrella Rank: 122246
prebid.scupio.com — Cisco Umbrella Rank: 57040
rec.scupio.com — Cisco Umbrella Rank: 128684
408 KB
44 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 410
mug.criteo.com — Cisco Umbrella Rank: 2434
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12453
ads.eu.criteo.com — Cisco Umbrella Rank: 6835
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10375
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8655
170 KB
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 128
a2a5736ec106467a63cf005083d1428b.safeframe.googlesyndication.com
0bdff4dca86cb93601122d0736e65d6b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 166
485 KB
38 criteo.net
static.criteo.net — Cisco Umbrella Rank: 649
pix.eu.criteo.net — Cisco Umbrella Rank: 6709
csm.eu.criteo.net — Cisco Umbrella Rank: 6900
340 KB
35 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84480
f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net
218cad15-6387-4941-93c3-f36fad2a39e0.t.ssp.hinet.net
25 KB
29 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
cm.g.doubleclick.net — Cisco Umbrella Rank: 223
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
337 KB
24 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 32715
gocm.c.appier.net — Cisco Umbrella Rank: 2554
3 KB
16 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 12728
sync.aralego.com — Cisco Umbrella Rank: 2234
ads.aralego.com — Cisco Umbrella Rank: 27249
7 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 17
adservice.google.com — Cisco Umbrella Rank: 103
4 KB
9 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1165
eus.rubiconproject.com — Cisco Umbrella Rank: 630
token.rubiconproject.com — Cisco Umbrella Rank: 787
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 26203
22 KB
7 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 16942
1 KB
6 gstatic.com
fonts.gstatic.com
266 KB
6 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 6116
89 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 203216
storage.reurl.cc
6 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 4915
adservice.google.de — Cisco Umbrella Rank: 6937
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 651
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 893
3 KB
4 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 8459
geo.yahoo.com — Cisco Umbrella Rank: 1288
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 528
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
9 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 399
793 B
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 350
fonts.googleapis.com — Cisco Umbrella Rank: 81
198 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
20 KB
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1513
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 684
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 616
978 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
85 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 957
467 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 695
66 KB
2 re-news.tw
storage.re-news.tw
re-news.tw
29 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
34 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 105389
11 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 459
59 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 849
335 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 681
439 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 282
577 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 36798
607 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1074
710 B
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5488
1 MB
1 alphaloan.co
blog.alphaloan.co
142 KB
1 creditcards.com.tw
creditcards.com.tw
44 KB
1 racingcharger.tw
img.racingcharger.tw
138 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
53 KB
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 553
5 KB
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 401
30 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
392 47
Domain Requested by
40 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
ad.holmesmind.com
30 static.criteo.net cdn.holmesmind.com
reurl.cc
static.criteo.net
img.scupio.com
ads.eu.criteo.com
29 img.scupio.com reurl.cc
img.scupio.com
rec.scupio.com
code.jquery.com
28 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
24 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
18 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
16 gum.criteo.com 8 redirects static.criteo.net
16 ad2.apx.appier.net 8 redirects reurl.cc
12 bidder.criteo.com img.scupio.com
static.criteo.net
10 mug.criteo.com reurl.cc
10 sync.aralego.com 4 redirects ads.aralego.com
reurl.cc
img.scupio.com
8 gocm.c.appier.net 8 redirects
7 prebid.scupio.com cdn.holmesmind.com
img.scupio.com
7 prebid-asia.creativecdn.com cdn.holmesmind.com
img.scupio.com
7 ad.holmesmind.com cdn.holmesmind.com
img.scupio.com
7 www.google.com reurl.cc
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
6 cdn.aralego.net reurl.cc
ads.aralego.com
6 rec.scupio.com 2 redirects img.scupio.com
code.jquery.com
6 c.holmesmind.com 1 redirects cdn.holmesmind.com
5 fp.holmesmind.com cdn.holmesmind.com
5 adcdn.holmesmind.com cdn.holmesmind.com
5 reurl.cc 1 redirects reurl.cc
4 csm.eu.criteo.net ads.eu.criteo.com
4 pix.eu.criteo.net ads.eu.criteo.com
4 c1.adform.net 4 redirects
4 pm.w55c.net 4 redirects
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 ads.aralego.com 2 redirects ads.aralego.com
4 eus.rubiconproject.com reurl.cc
eus.rubiconproject.com
4 f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
4 bw.scupio.com img.scupio.com
ajax.googleapis.com
4 www.facebook.com reurl.cc
img.scupio.com
3 218cad15-6387-4941-93c3-f36fad2a39e0.t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
reurl.cc
3 match.adsrvr.org img.scupio.com
googleads.g.doubleclick.net
3 www.google-analytics.com reurl.cc
www.google-analytics.com
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 token.rubiconproject.com eus.rubiconproject.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 code.jquery.com rec.scupio.com
2 ccm.holmesmind.com reurl.cc
cdn.holmesmind.com
2 m.holmesmind.com cdn.holmesmind.com
2 hb.aralego.com img.scupio.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 ajax.googleapis.com img.scupio.com
2 connect.facebook.net reurl.cc
connect.facebook.net
2 ad.sitemaji.com reurl.cc
ad.sitemaji.com
2 cdn.jsdelivr.net reurl.cc
1 onetag-sys.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 s0.2mdn.net googleads.g.doubleclick.net
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 0bdff4dca86cb93601122d0736e65d6b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a2a5736ec106467a63cf005083d1428b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fonts.googleapis.com reurl.cc
1 pixel-apac.rubiconproject.com eus.rubiconproject.com
1 static.wixstatic.com reurl.cc
1 re-news.tw reurl.cc
1 blog.alphaloan.co reurl.cc
1 creditcards.com.tw reurl.cc
1 img.racingcharger.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 static.xx.fbcdn.net www.facebook.com
1 www.google.de reurl.cc
1 geo.yahoo.com reurl.cc
1 ads.yap.yahoo.com s.yimg.com
1 stats.g.doubleclick.net www.google-analytics.com
1 s.yimg.com ad.sitemaji.com
1 storage.re-news.tw reurl.cc
1 storage.reurl.cc reurl.cc
0 google2waycm.netmng.com Failed googleads.g.doubleclick.net
392 86

This site contains links to these domains.

Domain
youtils.cc
re-news.tw
stockinfo.tw

Subject | Issuer | Validity | Valid
reurl.cc | R3 | 2022-05-25 - 2022-08-23 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
storage.reurl.cc | GTS CA 1D4 | 2022-07-05 - 2022-10-03 | 3 months
feebee.com.tw | R3 | 2022-06-21 - 2022-09-19 | 3 months
*.scupio.com | Sectigo RSA Organization Validation Secure Server CA | 2021-10-13 - 2022-11-13 | a year
*.holmesmind.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-19 - 2023-06-20 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-04-21 - 2022-07-20 | 3 months
storage.re-news.tw | GTS CA 1D4 | 2022-06-30 - 2022-09-28 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-06-13 - 2022-08-03 | 2 months
upload.video.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.ssp.hinet.net |  | 2021-10-12 - 2022-10-12 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-06-27 - 2022-09-19 | 3 months
m.yap.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-03-02 - 2022-08-03 | 5 months
yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-02-11 - 2022-08-10 | 6 months
www.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
www.google.de | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-06-21 - 2022-09-23 | 3 months
*.creativecdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-03-17 - 2023-04-12 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-06-15 - 2022-09-18 | 3 months
*.aralego.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-21 - 2022-11-20 | a year
*.gbyhn.com.tw | E1 | 2022-06-06 - 2022-09-04 | 3 months
tls.automattic.com | R3 | 2022-05-18 - 2022-08-16 | 3 months
re-news.tw | R3 | 2022-07-04 - 2022-10-02 | 3 months
*.wixstatic.com | Sectigo RSA Domain Validation Secure Server CA | 2022-04-30 - 2022-10-27 | 6 months
*.t.ssp.hinet.net |  | 2022-04-14 - 2023-04-14 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-17 - 2023-04-04 | a year
*.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.google.de | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.fr.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-05-18 - 2022-08-13 | 3 months
*.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-05-27 - 2022-08-25 | 3 months
*.nl.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-05-22 - 2022-08-24 | 3 months
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
*.doubleclick.net | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.imrworldwide.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-04 - 2023-02-03 | a year
*.eu.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-06-12 - 2022-09-12 | 3 months

This page contains 59 frames:

Primary Page: https://reurl.cc/a7d82y
Frame ID: D4405FD5A1CFDE7F9D33B04948E92B5B
Requests: 31 HTTP requests in this frame


Page Title

縮短網址產生器 - reurl

Page URL History

  1. http://reurl.cc/a7d82y HTTP 301
    https://reurl.cc/a7d82y Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 392
HTTPS: 90 %
IPv6: 43 %
Domains: 47
Subdomains: 86
IPs: 68
Countries: 12
Transfer: 4479 kB
Size: 8542 kB
Cookies: 47

Redirected requests

There were HTTP redirect chains for the following requests:


392 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request a7d82y
reurl.cc/
Redirect Chain
  • http://reurl.cc/a7d82y
  • https://reurl.cc/a7d82y
7 KB
2 KB
Document
General
Full URL
https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2d9541a5b91ebb4cd6d495bade576413a965fcbae3e1f4ec91e4202143baf0cc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 21:55:09 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Tue, 12 Jul 2022 21:55:08 GMT
Location
https://reurl.cc/a7d82y
Server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9808400
x-jsd-version
4.3.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmupVbdV2cclWHqVU5uLVeXQtlQFhTnzAO1Y%2By8j0GZjUXt5kYce17teo15vsxRjV94jwDklActsgMSjpa57o4YJPVUAxNDPf4DHfp7r%2BQzzQJpIcU%2FycfiqteGQElIW8Ie%2BveWa8vtDzjTJkd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
729d05825b685c8c-FRA
style.css
storage.reurl.cc/stylesheets/rwd/
3 KB
1 KB
Stylesheet
General
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 17:40:23 GMT
via
1.1 google
last-modified
Thu, 05 May 2022 00:38:33 GMT
age
15286
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public,max-age=28800
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1091
pixel.js
reurl.cc/javascripts/
470 B
559 B
Script
General
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/a7d82y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:09 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-1d6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 12 Jul 2023 21:55:09 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.6.11/dist/
91 KB
35 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.6.11/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1285527
x-jsd-version
2.6.11
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19149-FRA, cache-itm18825-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjjxzXalr8x68W%2FPkl02SAWjMA2UZgXsTBkGmxC%2Bu5Xl%2FVSVLsksnYkLQN%2BKUwOsqbjrTUfg5KNTJQ%2BeQG75n98SgeFipjtFMlCh3i0DKKq9JLnhZAfcsDI60rIh9%2FWOkjPtnymPN62WeHdDpQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
729d05825b6a5c8c-FRA
access-control-expose-headers
*
renews.js
reurl.cc/javascripts/
698 B
561 B
Script
General
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/a7d82y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:09 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 00:38:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62731c89-2ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 12 Jul 2023 21:55:09 GMT
ysm_reurl.js
ad.sitemaji.com/
17 KB
6 KB
Script
General
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 18:47:30 GMT
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:48:16 GMT
server
nginx/1.12.1 (Ubuntu)
age
11260
etag
W/"5d0b4850-4488"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Wed, 13 Jul 2022 18:47:30 GMT
ad.js
img.scupio.com/js/
73 KB
23 KB
Script
General
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
bd2a94ff5c153ca5ae90b45c6f4a7a5256a151661dabee3e69dd15d5b49ddaf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:52:34 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:58:33 GMT
server
nginx/1.12.1
age
165
etag
W/"62c6a039-125c1"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
mSKNyE_nu5jOq-MOHTQqH_WShGK1TLD0DtwDz8Ea2SnkPz6AnCQvHg==
expires
Tue, 12 Jul 2022 22:07:25 GMT
init.js
cdn.holmesmind.com/js/
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
47
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:25 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
6552
x-amz-cf-id
WdMg0TcIBEapFqTcYVVlPPR0gSkiE_Ho_7UYT4LvNIlVDP4u6Erzag==
ga2.js
reurl.cc/javascripts/
618 B
588 B
Script
General
Full URL
https://reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/a7d82y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:09 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 12:16:16 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"623c6110-26a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 12 Jul 2023 21:55:09 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25939
x-xss-protection
0
pragma
public
x-fb-debug
WhwCzslHT7+X5jrLr7Z9Glt5iARiYpNP4aMcuE5zJdsWg635rvoXaD1c+DPvbTc/+zc1M2ooKxqxCX2iAZFWew==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 12 Jul 2022 21:55:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
feeds
storage.re-news.tw/
5 KB
5 KB
XHR
General
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
2b4367e75feb243dba0e0d384cd6282e35e266d69e3af0c1fd86e1af6242e6bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
via
1.1 google
etag
W/"1476-Z4fR3Q54DVVQYcBGJPQrD/2jxok"
x-powered-by
Express
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5238
page.php
www.facebook.com/plugins/ Frame EEFF
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1115213a7ea75b8482906dc8a9407cb2406ef1271bcd2eb2580c9ea21aed010b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 12 Jul 2022 21:55:10 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
s4jURDfWmFIOwEbdCsfex0d5+TeH8PAzIyl8BjAV8kBesezxcVmASdNkq/EB/wryebmNhGpeRXO863vFyLR6wg==
x-fb-rlafr
0
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2953
date
Tue, 12 Jul 2022 21:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 12 Jul 2022 23:05:57 GMT
reurl_passback.js
ad.sitemaji.com/native/ Frame 3D32
15 KB
5 KB
Script
General
Full URL
https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 10:29:48 GMT
via
1.1 google
last-modified
Thu, 29 Aug 2019 10:21:10 GMT
server
nginx/1.12.1 (Ubuntu)
age
41122
etag
W/"5d67a716-3bbe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5256
expires
Wed, 13 Jul 2022 10:29:48 GMT
1675200226052423
connect.facebook.net/signals/config/
25 KB
7 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.64&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c0ae7c9ae24fb1960ea23003b63d33ab70816afdde5a003c8f5d7ac970ebdc5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7102
x-xss-protection
0
pragma
public
x-fb-debug
xrOPKUlS4X3Ut6VEL9GpsKLUXED/GoVfsAK9HpZopXff9cP/aScwsBdMi6Mo2SDISh21yILkbSEjz8CEQqNF5A==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Tue, 12 Jul 2022 21:55:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
17229.json
img.scupio.com/js/config/
461 B
864 B
XHR
General
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f58fac2d17d320aa75b2d76b7be9e417be61a18da69939917bc2fc5dfa976425

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 02:20:56 GMT
server
nginx/1.12.1
x-amz-cf-pop
FRA2-C1
etag
"62ccda88-1cd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
461
x-amz-cf-id
5gImv0Q0wiozopk_cJh5RGeq5bXmg9YciRQc1bAQFWSnKSxJG1Ay8w==
expires
Wed, 13 Jul 2022 00:55:10 GMT
adreqlog.aspx
bw.scupio.com/adpinline/
0
711 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.5190683964492768
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 12 Jul 2022 21:55:10 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame D698
83 KB
22 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.63
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
eb2400b93c441daad3ebd6ec5283d8a42257ac3dda43afb79628a7f651533f64

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
422
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Jul 2022 21:48:08 GMT
etag
W/"62c24ed0-14dae"
expires
Thu, 11 Aug 2022 21:48:07 GMT
last-modified
Mon, 04 Jul 2022 02:22:08 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-id
bJW71psW7SxOIeeG4-yFidWCpP8yveoxRA2EE4JUmn86VtY1GBO7pw==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/
461 B
864 B
XHR
General
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f5fe2878371b1a634bbc0baa7db8e5b66e985639ef292bfadce901342dacfd65

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 02:20:57 GMT
server
nginx/1.12.1
x-amz-cf-pop
FRA2-C1
etag
"62ccda89-1cd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
461
x-amz-cf-id
98SMGooB4icNdWbDEuRksexf7d_IUn1XDs9IxwJHCsn7Vj_Jzoac2A==
expires
Wed, 13 Jul 2022 00:55:10 GMT
adreqlog.aspx
bw.scupio.com/adpinline/
0
711 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.7423690781773229
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 12 Jul 2022 21:55:10 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame 1341
83 KB
22 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.63
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
eb2400b93c441daad3ebd6ec5283d8a42257ac3dda43afb79628a7f651533f64

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
422
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Jul 2022 21:48:08 GMT
etag
W/"62c24ed0-14dae"
expires
Thu, 11 Aug 2022 21:48:07 GMT
last-modified
Mon, 04 Jul 2022 02:22:08 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-id
p1_dDh5wNC9OqvzSFJwccj-6J4xi5jdGoS-it60IaDcv3suTXLyhRQ==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
native.js
s.yimg.com/dy/ads/ Frame 3D32
78 KB
30 KB
Script
General
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
8TDGWB70M54K6JG1
x-amz-id-2
aQ8EBbIVrW5Lh7yrbJzZp79Wl1Jtr0Ud2sq3uGvQME8Qs1N6N2moKUoIX1gwJyQllSouhCIfLSg=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 12:02:57 GMT
server
ATS
etag
"7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=600
accept-ranges
bytes
capmapping.htm
cdn.holmesmind.com/js/ Frame 3712
3 KB
3 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdb7b46cae42cd81431bbd6892f43d4f84508bf5fb2bde0ae32bc577ce26d275

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8
content-length
3040
content-type
text/html
date
Tue, 12 Jul 2022 21:55:07 GMT
etag
"1127744b801151c03a119650091819d4"
last-modified
Thu, 30 Jun 2022 11:31:53 GMT
server
AmazonS3
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
x-amz-cf-id
hfPP_aTVlUbFXeQ6FSgcO3AyEWMcFsRg2VCL41CBIJMZuCzdFSDidA==
x-amz-cf-pop
CDG50-P2
x-amz-version-id
g5VVGnMBETOJxS05mTLHyDLw3VP4V67X
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/
662 B
1013 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
47
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:26 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
662
x-amz-cf-id
eqn0mHEtZ_wUzXQGRj55TiXT4s4rKt7tNdKK-oBbLpnEf7EtMptJBw==
presetfn.js
cdn.holmesmind.com/js/ Frame DECF
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
56
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:14 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
6093
x-amz-cf-id
hROXA99pEfOO5ZG3YxOvc_aSTNbFh-bNqb3jcWuzCzrha33nqOWbpQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 8869
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
56
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:14 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
6093
x-amz-cf-id
Q0x4UIsZXgL84r7NKarBqc4uezOAQLiOSe0A1fcZpdluXsufESJp3g==
presetfn.js
cdn.holmesmind.com/js/ Frame E8AA
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
56
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:14 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
6093
x-amz-cf-id
TNZHE7LNCgcRIqDo2thASNqchZQmKTekBUefY8NQoxv2Q09y7ySjVw==
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fa7d82y&rl=&if=false&ts=1657662910161&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=28&fbp=fb.1.1657662910159.257589389&it=1657662910113&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 12 Jul 2022 21:55:10 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=838446663&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fa7d82y&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=228584829&gjid=950786825&cid=506623428.1657662910&tid=UA-102456694-1&_gid=208939267.1657662910&_r=1&_slc=1&z=453248616
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=838446663&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fa7d82y&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=506623428.1657662910&tid=UA-102456694-1&_gid=208939267.1657662910&z=1671953892
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 03:53:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64898
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame D698
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 15:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jul 2023 15:09:10 GMT
prebid.js
img.scupio.com/js/ Frame D698
236 KB
83 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:53:55 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
age
115
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
v-qtj7abaDbDU6LjOuCS0Ddyx048ghxOWhKVSEi4q6mkRAoeC3mvkA==
expires
Thu, 11 Aug 2022 21:53:15 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 1341
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 15:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jul 2023 15:09:10 GMT
prebid.js
img.scupio.com/js/ Frame 1341
236 KB
83 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:53:55 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
age
115
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
LY6jr5eR5l0mhiHERwGNb333eh-HngIA_B7pTy-RnKiYUng15viVjg==
expires
Thu, 11 Aug 2022 21:53:15 GMT
cm.php
fcm.holmesmind.com/ Frame B712
39 B
191 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 21:55:10 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 3712
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4ba46bfaca63b059874578152c263e1aaa8618019a1067adfdfcbd00f52339db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 02:05:56 GMT
server
nginx
etag
W/"62c24b04-12ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 12 Jul 2022 22:05:10 GMT
cm
c.holmesmind.com/ Frame 3712
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Tue, 12 Jul 2022 21:55:10 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame DECF
756 B
688 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:be00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:48:43 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
387
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
V_iCo19rWSePr8N4g39Yt3s4p0tlTPKKZvyD4PGI_Gkc3fP81-1fLg==
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
Preset.js
adcdn.holmesmind.com/adserver/ Frame 8869
575 B
641 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:be00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:48:43 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
387
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
vwqnlpU7DsgEP9YnyQialI8m-ghwdhisyHRij9ll5FkkE0dXiyWvig==
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
Preset.js
adcdn.holmesmind.com/adserver/ Frame E8AA
760 B
694 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13848
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:be00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:48:43 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
387
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
E5O_vRFdr7NyP8Bq_LmHxiXrWDFNVxG2RPWVQTTXGLgu-jWZDBrKQQ==
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
collect
stats.g.doubleclick.net/j/
4 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=506623428.1657662910&jid=228584829&gjid=950786825&_gid=208939267.1657662910&_u=IEBAAEAAAAAAAC~&z=557435688
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 12 Jul 2022 21:55:10 GMT
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 3D32
290 B
477 B
Script
General
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2Fa7d82y&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
media-router-flurry71.prod.media.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
strict-transport-security
max-age=31536000
b
geo.yahoo.com/ Frame 3D32
43 B
446 B
Image
General
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:10 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-type
image/gif
content-length
43
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=506623428.1657662910&jid=228584829&_u=IEBAAEAAAAAAAC~&z=652418175
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=506623428.1657662910&jid=228584829&_u=IEBAAEAAAAAAAC~&z=652418175
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62pTweBOaxk.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame EEFF
18 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/62pTweBOaxk.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c19ff2da6f784dfbbcd1cb0c8305c7e52f69a56041b3016dbdf2bf60bf3c234b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pQzj2/WbA9J9wTZmjyh1FQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4810
x-fb-rlafr
0
x-fb-debug
WnMGJxfYOP8oNZBDMs/XNDnmQVI7WIj/GsMGcBBEaVmZoJzNpyjyOo2s500il/bmiTn6HO0rohF+f89oGr7lHg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 12 Jul 2023 15:14:48 GMT
ads.js
ad.holmesmind.com/adserver/ Frame E8AA
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=763&o=1&d=1&b=2&ts=1&ii=3&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.221.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-221-200.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
981b5026eca755bc7879d27636e982449c88b5a4bbbb44d3741a52f7c1a729f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame E8AA
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
22
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2773
x-amz-cf-id
FVrBP9Ufzsq8HAVDq8icEu9HfG6fpAg0gNAJGZRsbVNECixUaySIbg==
publishertag.js
static.criteo.net/js/ld/ Frame E8AA
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 06:23:35 GMT
server
nginx
etag
W/"62bbefe7-1dc0d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Jul 2022 21:55:10 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame E8AA
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
22
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2443
x-amz-cf-id
P72X1kT5Vxhry4NuXVj13zskPJGjGXUVtgEiLxcHcFqxStO-47ITgQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame E8AA
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
13
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:55:03 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
4530
x-amz-cf-id
pZJzgtJbh412aRnR_9MF7RAvmEuXLBZhQizz9_NBiYL42yjs0RHqYw==
appierV2.js
cdn.holmesmind.com/js/ Frame E8AA
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
22
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
3177
x-amz-cf-id
Saf85_Z0Y6TBcwosLWK7cHdVgeK4MlG7lDgIcIVT86utQ0wUI8L8DA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame E8AA
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
22
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2568
x-amz-cf-id
XWwrILkfBIdvlwZNvLxdTGEEtGvlrXu5fRXBFZqSYtcfmVyl9ko_-g==
ads.js
ad.holmesmind.com/adserver/ Frame DECF
0
214 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=799&o=1&d=1&b=2&ts=1&ii=3&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.221.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-221-200.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame DECF
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
22
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2773
x-amz-cf-id
M4LF2BmgasOC7DaagMfny4nIsMXe_icNdhsdwkuoPKtG_xdoV64wsw==
publishertag.js
static.criteo.net/js/ld/ Frame DECF
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 06:23:35 GMT
server
nginx
etag
W/"62bbefe7-1dc0d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Jul 2022 21:55:10 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame DECF
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
22
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2443
x-amz-cf-id
u9VAxdPpjV2a99EGpYEx2HYBT48P7fzBIh5H5Cq3M35KK0YIN7MCcA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame DECF
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
13
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:55:03 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
4530
x-amz-cf-id
G_mwG-p9ebxSzansL_c-GzRq3yHZ_HkRuoPju0lYi54u0VzOaV9L_g==
appierV2.js
cdn.holmesmind.com/js/ Frame DECF
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
22
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
3177
x-amz-cf-id
Nl64ggVEo0ndIRw8RVPK-rlC-VyTNXDnRYpr_PHMRViwkLWHf-yMTQ==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame DECF
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
22
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2568
x-amz-cf-id
DR23dOrvZi_RcxkABQ37P68Cyef0ZcfcDWCgu1-Gxu8ZLbByrenURw==
ads.js
ad.holmesmind.com/adserver/ Frame 8869
2 KB
1000 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=316&o=1&d=1&b=2&ts=1&ii=3&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.221.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-221-200.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f29279f9b11af9a9932ff0475e5922bd0b15642591a3d88ebcad2be5a96c32c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 8869
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
22
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2773
x-amz-cf-id
gWcn8hgx3bqt-PwMvbEOvcTbWoVNLyjwdIipNitYTIGacsDTwa1fkw==
appierV2.js
cdn.holmesmind.com/js/ Frame 8869
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
22
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
3177
x-amz-cf-id
XdVWwfa35Fo0Vznkq6N57sGrN2f6tl_iDZMEtgxK5VhP3tiEnGF0TA==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame E8AA
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame DECF
0
159 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.2563303310840639
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame DECF
0
27 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.78232814910638
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame DECF
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame DECF
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=VtvY1kHmAxilUZOOv-3NYg
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=VtvY1kHmAxilUZOOv-3NYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=VtvY1kHmAxilUZOOv-3NYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame E8AA
2 KB
1 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8323042812764714
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
304ae1911a663654a9df33b95b1c0326c573ea07ca97ed0691b2dd6909659b87

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
content-length
1342
bid
ad2.apx.appier.net/v1/prebid/ Frame E8AA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=exuX5kFsCwmWwByrv-3NYg
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=exuX5kFsCwmWwByrv-3NYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=exuX5kFsCwmWwByrv-3NYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E8AA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=MZSt_wRxBg2-2FU5v-3NYg
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=MZSt_wRxBg2-2FU5v-3NYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=MZSt_wRxBg2-2FU5v-3NYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8869
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame DECF
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
currency.json
img.scupio.com/js/config/ Frame D698
108 B
485 B
XHR
General
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
826f2141bd81e119934e346f1e6334bceaab96089d5530609f7e641b6afeff90

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.63
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Jul 2022 21:55:08 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 19:15:07 GMT
server
nginx/1.12.1
age
53
etag
"62cdc83b-6c"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
108
x-amz-cf-id
r4w_A-CvTPfKyslPWV80GvAN4Srhl0EETl6Q9QHJE1DF0STGgbfoUg==
expires
Wed, 13 Jul 2022 00:54:17 GMT
prebid.aspx
prebid.scupio.com/recweb/ Frame D698
2 KB
1 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.2963933036151496
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7671f552a264a5685e787335eeb2633dcf569d4e19dda8d601efdd09ba45e313

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
content-length
1403
prebid.json
ad.holmesmind.com/adserver/ Frame D698
0
218 B
XHR
General
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1657662910267&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.221.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-221-200.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame D698
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 12 Jul 2022 21:55:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame D698
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=84053939768
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
header
hb.aralego.com/ Frame D698
0
323 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=1fb4a698-ad5f-4f45-9f83-7aae4a885519&u=https%3A%2F%2Freurl.cc%2Fa7d82y&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=f69761a1-b804-4684-8d7b-0033eac8a607&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 McLean, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 12 Jul 2022 21:55:10 GMT
access-control-allow-credentials
true
connection
close
currency.json
img.scupio.com/js/config/ Frame 1341
108 B
476 B
XHR
General
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
826f2141bd81e119934e346f1e6334bceaab96089d5530609f7e641b6afeff90

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.63
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Jul 2022 21:55:08 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 19:15:07 GMT
server
nginx/1.12.1
age
53
etag
"62cdc83b-6c"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
108
x-amz-cf-id
jxAqc_5v6IKD8LnsxuZRmfqsO_9FpMviN_ee1O0d9rYLkmRsIbyEvQ==
expires
Wed, 13 Jul 2022 00:54:17 GMT
cdb
bidder.criteo.com/ Frame 1341
0
216 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=88541508852
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
header
hb.aralego.com/ Frame 1341
0
323 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=1fb4a698-ad5f-4f45-9f83-7aae4a885519&u=https%3A%2F%2Freurl.cc%2Fa7d82y&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=f7ec386a-9b9b-45d8-bc34-9de591d01056&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 McLean, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 12 Jul 2022 21:55:10 GMT
access-control-allow-credentials
true
connection
close
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 1341
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 12 Jul 2022 21:55:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 1341
2 KB
1 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8128695472796612
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5f2a50fa61507a697e6351c572eaca77410ad3fb9c14f9d55663b5761b2101dd

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
content-length
1364
prebid.json
ad.holmesmind.com/adserver/ Frame 1341
0
218 B
XHR
General
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1657662910280&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.221.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-221-200.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cdb
bidder.criteo.com/ Frame DECF
177 B
425 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=3413589572
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c2ba19f4fb01b2a985eba903cd73db6685d4a430fd76a715491e702e7551c8a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame DECF
0
209 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=51902652219
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
landing.php
fp.holmesmind.com/ Frame C675
0
82 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&CFFPCKUUID=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&url=https%3A%2F%2Freurl.cc%2Fa7d82y&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 21:55:10 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame E8AA
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4ba46bfaca63b059874578152c263e1aaa8618019a1067adfdfcbd00f52339db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 02:05:56 GMT
server
nginx
etag
W/"62c24b04-12ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 12 Jul 2022 22:05:10 GMT
cdb
bidder.criteo.com/ Frame E8AA
0
209 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=80410308936
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Jul 2022 21:55:09 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
landing.php
fp.holmesmind.com/ Frame 5A20
0
249 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&CFFPCKUUID=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&url=https%3A%2F%2Freurl.cc%2Fa7d82y&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 21:55:10 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame DECF
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4ba46bfaca63b059874578152c263e1aaa8618019a1067adfdfcbd00f52339db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 02:05:56 GMT
server
nginx
etag
W/"62c24b04-12ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 12 Jul 2022 22:05:10 GMT
landing.php
fp.holmesmind.com/ Frame 9079
0
82 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&CFFPCKUUID=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&url=https%3A%2F%2Freurl.cc%2Fa7d82y&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 21:55:10 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 8869
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4ba46bfaca63b059874578152c263e1aaa8618019a1067adfdfcbd00f52339db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 02:05:56 GMT
server
nginx
etag
W/"62c24b04-12ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 12 Jul 2022 22:05:10 GMT
events
bidder.criteo.com/csm/ Frame DECF
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame DECF
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:09 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame DECF
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 07 Jul 2023 21:55:10 GMT
pixel.gif
static.criteo.net/images/ Frame DECF
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 07 Jul 2023 21:55:10 GMT
pixel.gif
static.criteo.net/images/ Frame E8AA
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 07 Jul 2023 21:55:10 GMT
pixel.gif
static.criteo.net/images/ Frame E8AA
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 07 Jul 2023 21:55:10 GMT
events
bidder.criteo.com/csm/ Frame E8AA
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
1657376450-10f8b5008cb4d6fc34ef0565a077ce32-840x525.jpg
img.gbyhn.com.tw/2022/07/
53 KB
53 KB
Image
General
Full URL
https://img.gbyhn.com.tw/2022/07/1657376450-10f8b5008cb4d6fc34ef0565a077ce32-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1167ff91904a91dea56b3fa14d7af416e140055a0729a45b8ed8dd4e012d859

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283444
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53936
last-modified
Sat, 09 Jul 2022 14:20:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEDG6dVwvcN%2BJCJjtg%2FQOviYtwOwK%2FOAqSGNUnJlyuAQh55NRZv11NpxxKvh1uiaNR%2Fk%2FeC0ql3fOay%2BYO%2ByR3OmUqXGnwG2Muoe38%2BkF%2BSWOwAjMqTVkjq8UJbaOW1wqUAfa4WIGDxIt3qDXXaA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
729d05891eb4692e-FRA
expires
Sat, 16 Jul 2022 14:28:27 GMT
2022062401201176.jpg
img.racingcharger.tw/wp-content/uploads/
137 KB
138 KB
Image
General
Full URL
https://img.racingcharger.tw/wp-content/uploads/2022062401201176.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b128b6e32f4f6a2c659651afefe338808de869d4e6194c5ee0067bece38644b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:10 GMT
cf-cache-status
HIT
last-modified
Fri, 24 Jun 2022 01:20:18 GMT
server
cloudflare
age
18003
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHeIzdtdB5LWWoBtBsUAbv6dS1spcc2rnuWmKnwKCOQIOxnzTV2DlNMarkAwdbeToM8SXeQKcRPGU5Od0%2BDMXTBIhAXGhrnzkcLy0u0WX24bbqLvBGbjSqd7h4%2FbF1NdtGIkVtdsx5SskqauvPKUJbnGpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
729d05899856bbef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
140463
iLEO-%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%982%EF%BC%8C%E5%8F%B0%E7%81%A3Pay8-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2022/07/
44 KB
44 KB
Image
General
Full URL
https://creditcards.com.tw/wp-content/uploads/2022/07/iLEO-%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%982%EF%BC%8C%E5%8F%B0%E7%81%A3Pay8-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
72d627d926c01db0ba03d55b27f0ae4ba5b1cf1e14e0e598c6b410963dbd582c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
x-ac
2.hhn _atomic_ams
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-length
45194
x-nc
HIT bur 1
last-modified
Tue, 12 Jul 2022 06:46:54 GMT
server
nginx
etag
"79abca2de1c9ee64"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Thu, 11 Jul 2024 18:46:54 GMT
%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B67.jpg
blog.alphaloan.co/wp-content/uploads/2022/04/
142 KB
142 KB
Image
General
Full URL
https://blog.alphaloan.co/wp-content/uploads/2022/04/%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B67.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c83e7e8767d3bab7cb3e6fb0245b8d4db298f1a27dfc4949f07e3a8d1c5832dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
x-ac
2.hhn _atomic_ams
last-modified
Thu, 07 Apr 2022 04:50:14 GMT
server
nginx
etag
"624e6d86-23615"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
144917
expires
Tue, 19 Jul 2022 21:55:11 GMT
renews-title1.png
re-news.tw/images/
24 KB
24 KB
Image
General
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
file.png
static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/
1 MB
1 MB
Image
General
Full URL
https://static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 07:55:39 GMT
via
1.1 google
server
openresty/1.19.9.1
age
136771
etag
""
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
content-length
1235774
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wix-tracer
2Bmze0BoXJjhbHHpINBrcpcQ5tS
x-seen-by
image-manipulator-556498cf55-8252z
drawV2.js
cdn.holmesmind.com/js/ Frame E8AA
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=763&o=1&d=1&b=2&ts=1&ii=3&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
23
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
10359
x-amz-cf-id
b6E1bFgOxxv_Q4uAAG54Kg7b9k6fv_GAwAG61fcNub7YiQx8HpbMHg==
/
t.ssp.hinet.net/ Frame 3712
37 B
409 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b8026cc5e944381830a07bd220d8385850841fae567bca91021010b19357c3bf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame E8AA
37 B
402 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b026983cdee458bafc6481c3ca2d40ef2349f249df3942994035858ed411bca2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame DECF
37 B
401 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
099233cede9f2428629b92d0782f0c511969080a651671346c20cc2bcb9a0878
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame 8869
37 B
402 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
dd16456eeaba982565909b762ecc6d320a7ccad78255428dfb5222b71ab58cf6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
rec.js
img.scupio.com/js/ Frame 7832
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB
Script
General
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H2
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
09533e9658b31fcb79764178f8e7e9df7e1c36a7dc7bd22b5fa87e2da89a56d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 03:30:07 GMT
server
nginx/1.12.1
age
58
etag
W/"6182023f-5429"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
gaj_6k_6_23vVeO_C6-fwcz7EsgFMqnjje_33laKJYoYsr7VdNL4dw==
expires
Wed, 13 Jul 2022 00:54:13 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Tue, 12 Jul 2022 21:55:11 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame D698
2 KB
2 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.4371076788248849
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
322af644072938b342012b3fdcbe4b9e2763ee4e180948c35958f3fbfa7ce170

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 12 Jul 2022 21:55:11 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1478
truncated
/ Frame D698
762 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
drawV2.js
cdn.holmesmind.com/js/ Frame 8869
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=316&o=1&d=1&b=2&ts=1&ii=3&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
23
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
10359
x-amz-cf-id
vmagwlSSP9nqbbM-YV4IcDngBvpzrTe9ZKBdOFDsA26Jpjv-R1pKZQ==
emome2
t.ssp.hinet.net/ Frame 3712
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=6b24dc3c-1f59-468a-98b2-8af7361060b2
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame E8AA
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=f67f7ece-c05e-440b-b1ee-6544db77157b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame DECF
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=f67f7ece-c05e-440b-b1ee-6544db77157b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 8869
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=f67f7ece-c05e-440b-b1ee-6544db77157b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
rec.js
img.scupio.com/js/ Frame AAF0
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB
Script
General
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H2
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
09533e9658b31fcb79764178f8e7e9df7e1c36a7dc7bd22b5fa87e2da89a56d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 03:30:07 GMT
server
nginx/1.12.1
age
58
etag
W/"6182023f-5429"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
fv305ey3ai8H7SVumNgCuzL2ZzGToBKYzwtQcrWrUU-UuSEcFfYj3A==
expires
Wed, 13 Jul 2022 00:54:13 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Tue, 12 Jul 2022 21:55:11 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 1341
2 KB
2 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.8433472271206055
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9a1f33e18cb0fdefca2b7cc2a56e81b8dd2910c1734c8363c21d1d3a1eb019f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 12 Jul 2022 21:55:11 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1474
truncated
/ Frame 1341
762 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
cm
t.ssp.hinet.net/ Frame E8AA
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&mp=f67f7ece-c05e-440b-b1ee-6544db77157b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net/ Frame E8AA
0
80 B
Image
General
Full URL
https://f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net/pixel?bd=f67f7ece-c05e-440b-b1ee-6544db77157b&t=50ef57
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net/ Frame DECF
0
79 B
Image
General
Full URL
https://f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net/pixel?bd=f67f7ece-c05e-440b-b1ee-6544db77157b&t=50ef57
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame DECF
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&mp=f67f7ece-c05e-440b-b1ee-6544db77157b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net/ Frame 8869
0
79 B
Image
General
Full URL
https://f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net/pixel?bd=f67f7ece-c05e-440b-b1ee-6544db77157b&t=50ef57
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 8869
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&mp=f67f7ece-c05e-440b-b1ee-6544db77157b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
init.js
cdn.holmesmind.com/js/ Frame 50ED
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
48
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:25 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
6552
x-amz-cf-id
N0e-0I4ra_gH3WTDqluLVER3WBxA8lK_pue62MMA0D_Qy8HnK8HhPg==
capmapping.htm
cdn.holmesmind.com/js/ Frame 9A28
3 KB
3 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdb7b46cae42cd81431bbd6892f43d4f84508bf5fb2bde0ae32bc577ce26d275

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9
content-length
3040
content-type
text/html
date
Tue, 12 Jul 2022 21:55:07 GMT
etag
"1127744b801151c03a119650091819d4"
last-modified
Thu, 30 Jun 2022 11:31:53 GMT
server
AmazonS3
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
x-amz-cf-id
sIkkK-8DxLgaDEwYDed6gcae65DXLQbEyFJ7Gvq3l90brp7UMejF7Q==
x-amz-cf-pop
CDG50-P2
x-amz-version-id
g5VVGnMBETOJxS05mTLHyDLw3VP4V67X
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 50ED
662 B
1004 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
48
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:26 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
662
x-amz-cf-id
QcILYwtA94HiIYSCYx1vwJ1K2MvPg5nL2cSH3guntXicIXYu2gSb7g==
presetfn.js
cdn.holmesmind.com/js/ Frame 54B3
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
57
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:14 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
6093
x-amz-cf-id
gTx1upy8RJxBmFZ1hRdxF5Di55rf0XzGfQu5fyXJjs1GcEGHNxL32Q==
cm.php
fcm.holmesmind.com/ Frame FE1A
95 B
103 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 21:55:11 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 9A28
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4ba46bfaca63b059874578152c263e1aaa8618019a1067adfdfcbd00f52339db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 02:05:56 GMT
server
nginx
etag
W/"62c24b04-12ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 12 Jul 2022 22:05:11 GMT
cm
c.holmesmind.com/ Frame 9A28
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 9A28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined&google_gid=CAESEHtsGtaCb9FmxqNcNfWd7TU&google_cver=1
0
479 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined&google_gid=CAESEHtsGtaCb9FmxqNcNfWd7TU&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
x-guploader-uploadid
ADPycduWJ6GtnWhBC9utSwmWngbWgszpfgyl3T9yLDmtaqMhRSvm39-kG_elZDOdt-cwko3LwLLFkdEHpEPFQb8iy89Gf8K9Eedk
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1519198601160228
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Tue, 12 Jul 2022 22:55:12 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined&google_gid=CAESEHtsGtaCb9FmxqNcNfWd7TU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 54B3
1 KB
751 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13849
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:be00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
260a38fd6cc5ef58002f66b9a6efcd915c7a2035a626948e5003e5ddf727d9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:53:22 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
109
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
7L8Sz97OadEouLb9g67lPWR6HJuRfaR-xbU690LhtUL_igyg-Rh6eQ==
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
ads.js
ad.holmesmind.com/adserver/ Frame 54B3
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=125&o=1&d=1&b=2&ts=1&ii=2&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.221.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-221-200.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
768d26e2f5dcb0b88037421ffb90abb0df7c80e381e61d032f425c485e829aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 54B3
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
23
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2773
x-amz-cf-id
4tpyRHzSJ_xXGSY6eSVNhSbcrK1qT34HhxebfG6p-nbChWC8LX6TbQ==
publishertag.js
static.criteo.net/js/ld/ Frame 54B3
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 06:23:35 GMT
server
nginx
etag
W/"62bbefe7-1dc0d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Jul 2022 21:55:11 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 54B3
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
23
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2443
x-amz-cf-id
6TzbnEFxRIy10UjtgY58gTG_gS2A8PM6g6WxN6imyEwY3kkt9Ky2jA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 54B3
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
14
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:55:03 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
4530
x-amz-cf-id
Xerxi8ITiQvC3L3CIubQyruY5r2RvUszSXKVegUbNpUyyltradu4Gg==
appierV2.js
cdn.holmesmind.com/js/ Frame 54B3
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
23
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
3177
x-amz-cf-id
GqxwgTnkfduu61ACEYzq2aujQavFOH4toRQzSgIOwVT314BZOOpY2w==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 54B3
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
23
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2568
x-amz-cf-id
9TcPwW3Ax56HrgCYS-cRhiDdB_lQXmlfprZ1CdOlTmh6sFiUc0zGwg==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 54B3
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:11 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 54B3
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 12 Jul 2022 21:55:12 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 54B3
2 KB
1 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9194106931513704
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26ebea8d19b53f669bb70ccf6d6bc7c23647a0b11c0cff76059bda60d7325330

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
content-length
1345
cdb
bidder.criteo.com/ Frame 54B3
0
209 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=72252600036
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame 54B3
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 07 Jul 2023 21:55:11 GMT
pixel.gif
static.criteo.net/images/ Frame 54B3
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 07 Jul 2023 21:55:11 GMT
events
bidder.criteo.com/csm/ Frame 54B3
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
init.js
cdn.holmesmind.com/js/ Frame B879
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
48
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:25 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
6552
x-amz-cf-id
CTYeP9jCyt_VYg1MNNSYJwXkeQGo2RaIAzyMNZfuffrjlAHxUDIBxA==
capmapping.htm
cdn.holmesmind.com/js/ Frame 7551
3 KB
3 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdb7b46cae42cd81431bbd6892f43d4f84508bf5fb2bde0ae32bc577ce26d275

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9
content-length
3040
content-type
text/html
date
Tue, 12 Jul 2022 21:55:07 GMT
etag
"1127744b801151c03a119650091819d4"
last-modified
Thu, 30 Jun 2022 11:31:53 GMT
server
AmazonS3
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
x-amz-cf-id
JFZKQVIdmdNqeiqHpMqATCxyWNAHm3hDfkdr8Tmnd-Pk3Q9eIVVaug==
x-amz-cf-pop
CDG50-P2
x-amz-version-id
g5VVGnMBETOJxS05mTLHyDLw3VP4V67X
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame B879
662 B
1005 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
48
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:26 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
662
x-amz-cf-id
SjDsQCw5yuQM5qWGhbP7V4XltJQaVnOuKzrhmCG47w1HLSB4a5VFjQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 3480
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
57
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:14 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
6093
x-amz-cf-id
QRm0ocRYqz4CWMggJNIcvuyh9qwVrdN-3r5iiSJUU2D99n5hCWdd1w==
cm
c.holmesmind.com/ Frame 7551
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
utag.js
t.ssp.hinet.net/ Frame 7551
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4ba46bfaca63b059874578152c263e1aaa8618019a1067adfdfcbd00f52339db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 02:05:56 GMT
server
nginx
etag
W/"62c24b04-12ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 12 Jul 2022 22:05:12 GMT
google
m.holmesmind.com/ml/ Frame 7551
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined&google_gid=CAESEHtsGtaCb9FmxqNcNfWd7TU&google_cver=1
0
139 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined&google_gid=CAESEHtsGtaCb9FmxqNcNfWd7TU&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
x-guploader-uploadid
ADPycdtQ5vRkPROcX4alTi89IMMCCvb9yPLmTq09ZOoKEwkBLJS8pPVWX_4URR96_v862eTTf2esqsl-7ZQpDF8-0U_PvA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1519198601160228
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Tue, 12 Jul 2022 22:55:12 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&uu_m=undefined&google_gid=CAESEHtsGtaCb9FmxqNcNfWd7TU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 3480
1 KB
753 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:be00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
260a38fd6cc5ef58002f66b9a6efcd915c7a2035a626948e5003e5ddf727d9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:48:45 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
386
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
LENXnfoFmQ_n7zjRe_LCTef7RECoxd0pYWEjp-379eOuTGoKqAtlNw==
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
ads.js
ad.holmesmind.com/adserver/ Frame 3480
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=523&o=1&d=1&b=2&ts=1&ii=2&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.221.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-221-200.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
95adedcf40dc8780370925bf9dff6f4e1f54ae41d14c743e009156fd37dc90b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 3480
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
24
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2773
x-amz-cf-id
1NZK3-wzd-BE8Psb3MuvPRJWL0Od8D4QnRkttpKLLgvueemuJkxbsA==
publishertag.js
static.criteo.net/js/ld/ Frame 3480
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 06:23:35 GMT
server
nginx
etag
W/"62bbefe7-1dc0d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Jul 2022 21:55:12 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 3480
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
24
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2443
x-amz-cf-id
A6sH5EkTRzh5wNQAsFBDhnc9tqj4AmZMXBjg0YQx_-dJq1fN9mRi0A==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 3480
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
15
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:55:03 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
4530
x-amz-cf-id
jYDQXwV7ZZmPb0neKRWaIyTw-XPR8DGMwE4WbK4Ilo1dPlZDP9Od1A==
appierV2.js
cdn.holmesmind.com/js/ Frame 3480
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
24
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
3177
x-amz-cf-id
dRgbMyAO6MWVyiz7MMt4W7sfpChbNAoVc3hjeupS5h8HeTEd4tURZA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 3480
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
24
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
2568
x-amz-cf-id
TYF77_FYeGSs_kN_1vguxhCmlw4N4nIbqt95tQbKIKAkU7-M9tMSGw==
landing.php
fp.holmesmind.com/ Frame F66E
0
37 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&CFFPCKUUID=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&url=https%3A%2F%2Freurl.cc%2Fa7d82y&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 21:55:12 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 54B3
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4ba46bfaca63b059874578152c263e1aaa8618019a1067adfdfcbd00f52339db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 02:05:56 GMT
server
nginx
etag
W/"62c24b04-12ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 12 Jul 2022 22:05:12 GMT
/
t.ssp.hinet.net/ Frame 9A28
36 B
408 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
083df52b1f99bd6b4b366ca3bc7540892e808073bcbc7d1ed033ded5df6a97ec
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3480
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:12 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 3480
2 KB
1 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.946290764039647
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
28f2657e810b3a4b91dd9d86393e25c07f3a0af67abf29249683a4dff6045ba7

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
content-length
1337
bid
ad2.apx.appier.net/v1/prebid/ Frame 3480
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 12 Jul 2022 21:55:12 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 3480
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 12 Jul 2022 21:55:12 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=N-xE0AqSDI-b2ph8v-3NYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 3480
0
209 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=58971925804
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame 3480
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 07 Jul 2023 21:55:12 GMT
pixel.gif
static.criteo.net/images/ Frame 3480
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 07 Jul 2023 21:55:12 GMT
events
bidder.criteo.com/csm/ Frame 3480
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 21:55:11 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
drawV2.js
cdn.holmesmind.com/js/ Frame 54B3
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=125&o=1&d=1&b=2&ts=1&ii=2&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
24
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
10359
x-amz-cf-id
VVoilZMLm7EK3Ts2HpDRakUXuEZ9RKtBYISmZBOAjP_pGnjgPJdATQ==
chtmp.php
ccm.holmesmind.com/ Frame 50ED
0
215 B
Image
General
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.127.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-127-33.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame D698
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Jul 2022 21:55:12 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 1341
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Jul 2022 21:55:12 GMT
syncframe
gum.criteo.com/ Frame 415A
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:11 GMT
server-processing-duration-in-ticks
2335
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D698
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4c2ce8d360f61186e0ba56478c0bc8e848e2ad5958fd08900e13bb0981541a64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 06:23:33 GMT
server
nginx
etag
W/"62bbefe5-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Jul 2022 21:55:12 GMT
syncframe
gum.criteo.com/ Frame D019
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:11 GMT
server-processing-duration-in-ticks
2187
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1341
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4c2ce8d360f61186e0ba56478c0bc8e848e2ad5958fd08900e13bb0981541a64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 06:23:33 GMT
server
nginx
etag
W/"62bbefe5-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Jul 2022 21:55:12 GMT
jquery-1.7.2.min.js
code.jquery.com/ Frame 7832
93 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.7.2.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-17278"
vary
Accept-Encoding
x-hw
1657662912.dop053.fr8.t,1657662912.cds139.fr8.hn,1657662912.cds153.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33626
ls.html
img.scupio.com/html/ Frame ED0D
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3321
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Jul 2022 21:01:03 GMT
etag
W/"583295c9-4dc"
expires
Tue, 19 Jul 2022 20:59:50 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-id
KHyfKhS3L2t4FtDagEccVLihGu9ZTzAbIlPM_EahpBtasnQFgFP-1A==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame FBC5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hBMjAyMjA3MTMwNTU1MTE5NDMzNjA%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGhblmCxaRD24Em7acA07ho&google_cver=1&google_ula=3918219,0
0
551 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGhblmCxaRD24Em7acA07ho&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:11 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGhblmCxaRD24Em7acA07ho&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame DA9A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Jul 2022 21:55:12 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Jul 2022 21:55:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame FBC5
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.63&rl=&if=true&ts=1657662912171&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 12 Jul 2022 21:55:12 GMT
generic
match.adsrvr.org/track/cmf/ Frame FBC5
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXA20220713055511943360
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f7ec386a-9b9b-45d8-bc34-9de591d01056?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-hlpai59E2oVQIQhLmCaRdSGVpnJcM0VQm_I5HaA-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Tue, 12 Jul 2022 21:55:13 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
landing.php
fp.holmesmind.com/ Frame DF95
0
37 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&CFFPCKUUID=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&url=https%3A%2F%2Freurl.cc%2Fa7d82y&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 21:55:12 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 3480
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4ba46bfaca63b059874578152c263e1aaa8618019a1067adfdfcbd00f52339db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 02:05:56 GMT
server
nginx
etag
W/"62c24b04-12ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 12 Jul 2022 22:05:12 GMT
ls.html
img.scupio.com/html/ Frame 1A20
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html?mid=52
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
614
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Jul 2022 21:55:12 GMT
etag
W/"583295c9-4dc"
expires
Tue, 19 Jul 2022 21:44:58 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-id
12pm1d0_ACb6748Bd0gBBiERPSI1mq9crI2oHLXZoT74dF3F0zIOiw==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
rec.aspx
rec.scupio.com/recweb/ Frame 7832
3 KB
2 KB
XHR
General
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.6376922730362626
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2bbc9b0a970786726b570f1470a785d8a1950483f78d860d785db5ce963785b9

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 12 Jul 2022 21:55:11 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
text/javascript; charset=utf-8
Content-Length
1782
/
t.ssp.hinet.net/ Frame 7551
36 B
408 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
083df52b1f99bd6b4b366ca3bc7540892e808073bcbc7d1ed033ded5df6a97ec
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
sid
mug.criteo.com/ Frame 415A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Snako3xqM0Y4KzFhSUdqc2p4Mkc4WUZKdUdoa05FNFBJNmM3TlVDV3FwaEJuV3ZGS2l2Z1IxM1ZLdytPUHNJKy9WOGhFTW1jb0dWWGIvVjlEQm9iLzA2SC9Xc1V4Qkp4SUZMeEtJN3JuZFJXeXRDd3BGN2dLM29jTkpoUU...
431 B
635 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Snako3xqM0Y4KzFhSUdqc2p4Mkc4WUZKdUdoa05FNFBJNmM3TlVDV3FwaEJuV3ZGS2l2Z1IxM1ZLdytPUHNJKy9WOGhFTW1jb0dWWGIvVjlEQm9iLzA2SC9Xc1V4Qkp4SUZMeEtJN3JuZFJXeXRDd3BGN2dLM29jTkpoUUkvM3FhMC9oQWNoTGhLeTJ5MkJUT1lPNzY2SG9CWUNOZTJna09UT25aV0JOZ25LcWo2Zk5TSm1LbTFHT0xHcjA1U3ZDMUcybnVNUkYrQXZvSGFiWEVwWWh3Y1VsK01HSktEcVlWVzRqMHc5U25VNEVzb3haclVqZW05eWNTdEZvamc0MEV3SzZwbEluMWpjWEx6dEUyTFdVVXY4MVpPKytFQmVRdVVHZHZpckQvd1hOeUxBWT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44147710073140bbb578e4d824a1a5ab3294904b15c8911340329dcc58bd75f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4198
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:11 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Snako3xqM0Y4KzFhSUdqc2p4Mkc4WUZKdUdoa05FNFBJNmM3TlVDV3FwaEJuV3ZGS2l2Z1IxM1ZLdytPUHNJKy9WOGhFTW1jb0dWWGIvVjlEQm9iLzA2SC9Xc1V4Qkp4SUZMeEtJN3JuZFJXeXRDd3BGN2dLM29jTkpoUUkvM3FhMC9oQWNoTGhLeTJ5MkJUT1lPNzY2SG9CWUNOZTJna09UT25aV0JOZ25LcWo2Zk5TSm1LbTFHT0xHcjA1U3ZDMUcybnVNUkYrQXZvSGFiWEVwWWh3Y1VsK01HSktEcVlWVzRqMHc5U25VNEVzb3haclVqZW05eWNTdEZvamc0MEV3SzZwbEluMWpjWEx6dEUyTFdVVXY4MVpPKytFQmVRdVVHZHZpckQvd1hOeUxBWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1527
content-length
567
expires
0
sid
mug.criteo.com/ Frame D019
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=K_vNznxubEdHMTlubFVRZmZ3SUpWQnJUa1lMMldVODh3ZVVjZ0VubUxCcU9CeitQN0plYmVIVjZ3NjUxNUkxT3pEN0pkUDR1dlF4Qkc2QXlzVUszSG1EaWxqaVNQbTYrZFcwNjduZW04d2VOY3JqQVNSeFFaaHl0dFEzMV...
433 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=K_vNznxubEdHMTlubFVRZmZ3SUpWQnJUa1lMMldVODh3ZVVjZ0VubUxCcU9CeitQN0plYmVIVjZ3NjUxNUkxT3pEN0pkUDR1dlF4Qkc2QXlzVUszSG1EaWxqaVNQbTYrZFcwNjduZW04d2VOY3JqQVNSeFFaaHl0dFEzMVZ6S2l6MS81Y3BvSU14L0Ewb2s4RmJFWXRES2hLdkdNR2RsSTdrbStGdXhkL2Z0dlBSNGxOUUozblUwSVZadmErUkRaK0hlVVM4RFpLVi91WEdvdGVqeXhEaGVuWGlWUVk2S2ZMUEFRMUxrcnZZa0dMYzBUVUpDR3Q2aWowZU93Nm5hN3hJWXVuTVJmeXA0M00xRFE2aHF5M0tHb3JGemlBZUltUzB4RkpzMS9LLyswNEN1UT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
25bad7552b09639334d7482dc4822ec5b88f3d345f2223e0b106555a27f21f90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4524
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=K_vNznxubEdHMTlubFVRZmZ3SUpWQnJUa1lMMldVODh3ZVVjZ0VubUxCcU9CeitQN0plYmVIVjZ3NjUxNUkxT3pEN0pkUDR1dlF4Qkc2QXlzVUszSG1EaWxqaVNQbTYrZFcwNjduZW04d2VOY3JqQVNSeFFaaHl0dFEzMVZ6S2l6MS81Y3BvSU14L0Ewb2s4RmJFWXRES2hLdkdNR2RsSTdrbStGdXhkL2Z0dlBSNGxOUUozblUwSVZadmErUkRaK0hlVVM4RFpLVi91WEdvdGVqeXhEaGVuWGlWUVk2S2ZMUEFRMUxrcnZZa0dMYzBUVUpDR3Q2aWowZU93Nm5hN3hJWXVuTVJmeXA0M00xRFE2aHF5M0tHb3JGemlBZUltUzB4RkpzMS9LLyswNEN1UT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2178
content-length
567
expires
0
/
t.ssp.hinet.net/ Frame 54B3
36 B
401 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
083df52b1f99bd6b4b366ca3bc7540892e808073bcbc7d1ed033ded5df6a97ec
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 9A28
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=218cad15-6387-4941-93c3-f36fad2a39e0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
drawV2.js
cdn.holmesmind.com/js/ Frame 3480
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2Fa7d82y&n=523&o=1&d=1&b=2&ts=1&ii=2&FPCK=5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:d600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
24
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 12 Jul 2022 21:54:49 GMT
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
10359
x-amz-cf-id
VqzEiDw-5zUei5snjN2tTWJy4yt90j2Of2ITv6Chfn7IdqYFdL3sPA==
chtmp.php
ccm.holmesmind.com/ Frame B879
0
214 B
Image
General
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.127.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-127-33.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame DA9A
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d9fd04b0c4d42a58f7b00d5427d9f2ec293d329f41a4b22e37b6d18a1117679

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23775
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9457
Expires
Wed, 13 Jul 2022 04:31:27 GMT
khaos.jpg
token.rubiconproject.com/ Frame DA9A
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
jquery-1.7.2.min.js
code.jquery.com/ Frame AAF0
93 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.7.2.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-17278"
vary
Accept-Encoding
x-hw
1657662912.dop053.fr8.t,1657662912.cds139.fr8.hn,1657662912.cds153.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33626
ls.html
img.scupio.com/html/ Frame 8B13
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3321
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Jul 2022 21:01:03 GMT
etag
W/"583295c9-4dc"
expires
Tue, 19 Jul 2022 20:59:50 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-id
jFGHmE201yRIyeJizOVNweEMQ6G0IoAABE8dqkFHsHc-B_lNf7jxdw==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 141E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0tBMjAyMjA3MTMwNTU1MTI4NTg4NTI%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGhblmCxaRD24Em7acA07ho&google_cver=1&google_ula=3918219,0
0
551 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGhblmCxaRD24Em7acA07ho&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:11 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGhblmCxaRD24Em7acA07ho&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame BCFA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Jul 2022 21:55:12 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Jul 2022 21:55:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 141E
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.63&rl=&if=true&ts=1657662912406&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 12 Jul 2022 21:55:12 GMT
generic
match.adsrvr.org/track/cmf/ Frame 141E
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CKA20220713055512858852
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f7ec386a-9b9b-45d8-bc34-9de591d01056?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-G8vaLyxE2oWyJye815s.9aJssHSrmaANd3Qtrfo-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.63
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Tue, 12 Jul 2022 21:55:13 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame BCFA
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d9fd04b0c4d42a58f7b00d5427d9f2ec293d329f41a4b22e37b6d18a1117679

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23775
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9457
Expires
Wed, 13 Jul 2022 04:31:27 GMT
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame DA9A
0
239 B
Image
General
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Content-Type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame BCFA
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
emome2
t.ssp.hinet.net/ Frame 7551
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=218cad15-6387-4941-93c3-f36fad2a39e0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
rec.aspx
rec.scupio.com/recweb/ Frame AAF0
18 KB
4 KB
XHR
General
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.46059143323417184
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
73db7f6514ed3961fe6df3916b73fc86066df9d18313ceccaf82dc879b6fd53a

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 12 Jul 2022 21:55:12 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
text/javascript; charset=utf-8
Content-Length
4095
cm
t.ssp.hinet.net/ Frame 9A28
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&mp=218cad15-6387-4941-93c3-f36fad2a39e0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
218cad15-6387-4941-93c3-f36fad2a39e0.t.ssp.hinet.net/ Frame 9A28
0
79 B
Image
General
Full URL
https://218cad15-6387-4941-93c3-f36fad2a39e0.t.ssp.hinet.net/pixel?bd=218cad15-6387-4941-93c3-f36fad2a39e0&t=cf
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
adimg.js
img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/ Frame 7832
3 KB
2 KB
XHR
General
Full URL
https://img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/adimg.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
82850c11ef4b04bd1ec2b3f27d2f0ee21f633286999a6d41eb55eb8205c6295a

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 06:55:20 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 06:47:32 GMT
server
nginx/1.12.1
age
1781991
etag
W/"62b2bb04-b7b"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Zvz8Q9duFJiY1nh_AKgF19UXDGsbUs350mjbNwvU6F-I5rxLnO7XHw==
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
expires
Thu, 22 Jun 2023 06:55:20 GMT
CoverImage.js
img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/ Frame 7832
1 KB
1 KB
XHR
General
Full URL
https://img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/CoverImage.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 06:54:14 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 06:47:32 GMT
server
nginx/1.12.1
age
1782058
etag
W/"62b2bb04-54d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
whc-kPtLoaj7vxN4HHaivZJ8jLaBDeHaeasY5Wxm1ZUxJYAGOg3RBA==
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
expires
Thu, 22 Jun 2023 06:54:14 GMT
81738860-25b2-48d3-967e-b358a4cb6769.jpg
img.scupio.com/dsp/ad-image/931/8/ Frame 7832
41 KB
41 KB
Image
General
Full URL
https://img.scupio.com/dsp/ad-image/931/8/81738860-25b2-48d3-967e-b358a4cb6769.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0e02373f8984a70815328ab27d6f40bb4cae033cb6e0e37b288cecf81682ddb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:31:39 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 07:31:42 GMT
server
nginx/1.12.1
age
1413
etag
"62b5685e-a412"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
42002
x-amz-cf-id
tpQUDjesFM_0IK9LQPUHXrNs_ivj-WmB9yeWq6DHiQih2a6_AybxPg==
expires
Wed, 13 Jul 2022 03:31:39 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 4608
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
42 KB
43 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6523
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43274
last-modified
Thu, 10 Feb 2022 09:21:22 GMT
server
cloudflare
etag
"6204d912-a90a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMs9TYUM%2FHWJne%2FllpMH91Mt%2FwkNQwHTjZgK7yhANz5RtaOpM78OvbotHhT5II3xdpOps4JEg7SyK4c%2BKSN85dG0FXBfzEomxtDXnxtnigZJrvEg5bvRXgpg%2FbKqFi%2FPxuGb38CQDr2Iu2rrLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
729d059719319b86-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
pixel
218cad15-6387-4941-93c3-f36fad2a39e0.t.ssp.hinet.net/ Frame 7551
0
79 B
Image
General
Full URL
https://218cad15-6387-4941-93c3-f36fad2a39e0.t.ssp.hinet.net/pixel?bd=218cad15-6387-4941-93c3-f36fad2a39e0&t=cf
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 7551
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz&mp=218cad15-6387-4941-93c3-f36fad2a39e0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
cm
t.ssp.hinet.net/ Frame 54B3
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&mp=218cad15-6387-4941-93c3-f36fad2a39e0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
218cad15-6387-4941-93c3-f36fad2a39e0.t.ssp.hinet.net/ Frame 54B3
0
79 B
Image
General
Full URL
https://218cad15-6387-4941-93c3-f36fad2a39e0.t.ssp.hinet.net/pixel?bd=218cad15-6387-4941-93c3-f36fad2a39e0&t=50ef57
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
ad340.js
img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/ Frame AAF0
23 KB
9 KB
XHR
General
Full URL
https://img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/ad340.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
305a5c5f545fc12468eaeb02877c6a7bde72bc6a96caceed2cf797c0a0938f62

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 06:58:57 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 06:47:32 GMT
server
nginx/1.12.1
age
1781775
etag
W/"62b2bb04-5d46"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
obgT6GNS_ZrEEN2NVTEuMmUUN5hqvW1_VoDNHAndL0EXfmjBCbWu4g==
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
expires
Thu, 22 Jun 2023 06:58:57 GMT
CoverImage.js
img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/ Frame AAF0
1 KB
1 KB
XHR
General
Full URL
https://img.scupio.com/staticfiles/35d2d29dcbf36499d88c2aa19816ff1a24ee2fed/scripts/adbanner/build/CoverImage.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 06:54:14 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 06:47:32 GMT
server
nginx/1.12.1
age
1782058
etag
W/"62b2bb04-54d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
F17ks72h-sQhemXgYdhWKB_5mZ7hwpa_WMSUt8mSJkIn1OUVE5u7lQ==
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
expires
Thu, 22 Jun 2023 06:54:14 GMT
0ff49497-b2c6-4016-b429-dca9ecaa8e8d.jpg
img.scupio.com/dsp/ad-image/931/0/ Frame AAF0
5 KB
5 KB
Image
General
Full URL
https://img.scupio.com/dsp/ad-image/931/0/0ff49497-b2c6-4016-b429-dca9ecaa8e8d.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
e77ecf627b2b47580e771d54ff3cd92d41bd44c785d50ef78f95cfbe6be05417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:54:16 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 22 Jun 2021 08:52:45 GMT
server
nginx/1.12.1
age
56
etag
"60d1a4dd-13c5"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
5061
x-amz-cf-id
p-2Er53GQarSNir-mFJ17rJWcokci2mVDN6NrF46LKIl4VlSjx1llw==
expires
Wed, 13 Jul 2022 03:54:16 GMT
7322764.jpg
img.scupio.com/ec/x/931/250/764/ Frame AAF0
9 KB
9 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/764/7322764.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
340e881821542693dbadb77ea7045af2d968ef1c8bfc22fecb320d603492940a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 05:54:47 GMT
server
nginx/1.12.1
age
20246
etag
"62cd0ca7-23da"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9178
x-amz-cf-id
inWkBsiUZn6KluWT9xt2b00LcA5e3qQWOACWueb92z9-o0UnpqK-MQ==
expires
Tue, 12 Jul 2022 22:17:46 GMT
7614616.jpg
img.scupio.com/ec/x/931/250/616/ Frame AAF0
6 KB
6 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/616/7614616.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
355d7dd4feb018eaacf0f66eb95a8b090fc2a0e9e75d90f848c16cb38d340595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 07:20:56 GMT
server
nginx/1.12.1
age
4707
etag
"62cd20d8-1731"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
5937
x-amz-cf-id
ZP_72UJiY2PX-E2xNUUKw5DQlueADZhUMcsSBJjkZ9CZNDaPsjKa_A==
expires
Wed, 13 Jul 2022 02:36:45 GMT
7517479.jpg
img.scupio.com/ec/x/931/250/479/ Frame AAF0
8 KB
8 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/479/7517479.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
dd60dc06bb34207c6def6eb81ae497f1cf0a43d4e31304748f821ed811884be7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 17:12:57 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 05:36:48 GMT
server
nginx/1.12.1
age
16935
etag
"62cd0870-1e63"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
7779
x-amz-cf-id
rxCKssAc2AswshamkYHZNIFV_Edys_JsYoNMT3aBk4EDNT1nDk-3pQ==
expires
Tue, 12 Jul 2022 23:12:57 GMT
7334467.jpg
img.scupio.com/ec/x/931/250/467/ Frame AAF0
10 KB
11 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/467/7334467.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
835567069e081d5912a752e75e9f8507d2621bee0b97a88730a0fd3608505e8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 18:21:59 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 03:22:45 GMT
server
nginx/1.12.1
age
12793
etag
"62cce905-292f"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
10543
x-amz-cf-id
CSHB_DQsf2KBxSwNmoVoH_E9t-oOJAVEjNzgl2Zsn6wlTpw5uFYMTQ==
expires
Wed, 13 Jul 2022 00:21:59 GMT
7614455.jpg
img.scupio.com/ec/x/931/250/455/ Frame AAF0
8 KB
9 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/455/7614455.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a61200307498420cdd828a12c0eba145bb05d9c207b2ec880bb86f6d6c3186d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 19:46:32 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 05:06:46 GMT
server
nginx/1.12.1
age
7720
etag
"62cd0166-2100"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
8448
x-amz-cf-id
W2_W6o1q5sqbZtOCpwLP5_zSDppLkI2uyBP2xqTbVVZl-NVNl8UtMg==
expires
Wed, 13 Jul 2022 01:46:32 GMT
7092117.jpg
img.scupio.com/ec/x/931/250/117/ Frame AAF0
9 KB
9 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/117/7092117.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
649bb51c7988e50a72ba3202a01713b60c3ca192847bc878e1505203418a207c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 04:47:45 GMT
server
nginx/1.12.1
age
14603
etag
"62ccfcf1-22ba"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
8890
x-amz-cf-id
-97aJ2kuZjPX8AnzPd6AGDKdrhEVCGC0yxysSfmhQtFfT1DLXNtTIw==
expires
Tue, 12 Jul 2022 23:51:49 GMT
7637814.jpg
img.scupio.com/ec/x/931/250/814/ Frame AAF0
7 KB
7 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/814/7637814.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
6f641d761d4966b3e68b83db6558800066470040a24a4ba5145ca1ddfa48c1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 18:51:08 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 07:19:51 GMT
server
nginx/1.12.1
age
11044
etag
"62cd2097-1ade"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
6878
x-amz-cf-id
4Ycqq07ejFl7CXW9oV00Fr3zWxTpoF_p6rmzRHLh9OmpM9XFOHuiPg==
expires
Wed, 13 Jul 2022 00:51:08 GMT
7469666.jpg
img.scupio.com/ec/x/931/250/666/ Frame AAF0
7 KB
7 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/666/7469666.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
98b187cd6f87ad20035894c988231d6ef4ed2f384405f129ff44f1a46c458347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 06:08:41 GMT
server
nginx/1.12.1
x-amz-cf-pop
FRA2-C1
etag
"62cd0fe9-1a9c"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
content-length
6812
x-amz-cf-id
359Vt0CoqenaynTB7BzvVtbzwac0bRq061vvazFzrNgwOuV-hBzdxw==
expires
Wed, 13 Jul 2022 03:55:13 GMT
css2
fonts.googleapis.com/ Frame AAF0
469 KB
131 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;400;500;700&display=swap
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
530ca1614d792b7d61b12d107ba9caaefa679118ff79904fc5f5c0009ae194ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 21:55:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 12 Jul 2022 21:55:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jul 2022 21:55:12 GMT
pixel
f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net/ Frame 3480
0
79 B
Image
General
Full URL
https://f67f7ece-c05e-440b-b1ee-6544db77157b.t.ssp.hinet.net/pixel?bd=f67f7ece-c05e-440b-b1ee-6544db77157b&t=50ef57
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 3480
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR&mp=f67f7ece-c05e-440b-b1ee-6544db77157b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 4309
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
42 KB
43 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H3
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5417
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43274
last-modified
Thu, 10 Feb 2022 09:21:22 GMT
server
cloudflare
etag
"6204d912-a90a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQiZ7ACZ%2BT%2BsAWEH3V7nmXV6A3Aim7wq%2FoDezavjAB6z6LrGgtr%2F7AH6561Nt9SiNs7ZxSs1rpCSzUxf%2BTFr%2BPT%2Bxy2qg1HfOfqzUaFIyGV4%2Fn1mMj29SOuegiCucE1EHj8Wq8eS7Ep9iPxNdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
729d0597cdd55c9e-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame AAF0
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96066d1cc1ca8875144cff6eca4e259c921e68668cb37e296b26df339e483564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:46:03 GMT
x-content-type-options
nosniff
age
94150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24936
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:57:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:46:03 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame AAF0
51 KB
51 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc79c0dd36835b0227e3a48c34c756790039c0f1b47b2569eff1e423298e0738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 17:04:35 GMT
x-content-type-options
nosniff
age
103838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52128
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:57:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 17:04:35 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame AAF0
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e1e2d61455e368f6e46c9cb5e66d1e329bbfae474e057f871e08da62fd7a8f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 11:26:20 GMT
x-content-type-options
nosniff
age
124133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43280
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 11:26:20 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame AAF0
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9eacd4f7c4b2e26233432b0a1812431c97f2a9e24aa06da0d29298c08a1b470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 20:07:21 GMT
x-content-type-options
nosniff
age
92872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46916
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:58:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 20:07:21 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame AAF0
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89367760ff3ae97bf0929c541d6735607a7d94c31f5d8adf588d5f14210eb175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 11:00:53 GMT
x-content-type-options
nosniff
age
125660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51388
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:58:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 11:00:53 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame AAF0
51 KB
52 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e55095a5b249ac897016c8bbd10a1f1c3b1762dc6f299b63d001d540f5705e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:11:46 GMT
x-content-type-options
nosniff
age
89007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52348
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:09:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 21:11:46 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 4608
975 B
887 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5023
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoGEj6B%2FEX5SSj9kvKbLWLG9xIBhD3C2Zg6ijj7u%2Fh%2Bm0gV8BARYqWavc8hGAdR%2FVCbCpAlbb0cy%2FvzNwl%2BzziHB2RRqAkd1RLQ%2F2Uhmx7tVbY3%2Bf8AGodf80QwNNNPeafq22UnAiICiyd1mhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
729d05975d4f5c9e-FRA
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 4608
46 B
486 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
3fd25805746226bb2040e0361cb5ffcf84d67e25fea260d5ea19e5d279153efb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:13 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 4608
555 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fa7d82y&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8034422018015739&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:13 GMT
X-Width
300
X-Height
250
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
f7ec386a-9b9b-45d8-bc34-9de591d01056
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
555
X-AdStyle
banner
X-Adtype
html
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 4309
975 B
853 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5023
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=438grEBvG%2Fvb0E5h%2B7Y9FT7%2FqxtjGB5%2BwZkpRBsM1TRLSwsCOJjjwGFLXiUSFhPG7J7x5sPS17h36PU3BIOXnH36%2F3JfGpx77E8c7wwKlcu6elpn582M1%2BNgSN%2BjdFmJxPqtKERD2b%2Fu3kjusA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
729d05980e155c9e-FRA
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 4309
46 B
486 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
3fd25805746226bb2040e0361cb5ffcf84d67e25fea260d5ea19e5d279153efb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:13 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 4309
552 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fa7d82y&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4449172989151431&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:13 GMT
X-Width
300
X-Height
250
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
f7ec386a-9b9b-45d8-bc34-9de591d01056
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
552
X-AdStyle
banner
X-Adtype
html
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame B8C4
714 B
842 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
729d05991f345c9e-FRA
content-encoding
br
content-type
text/html
date
Tue, 12 Jul 2022 21:55:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PqsI0IZy4I%2B92dkn252FKSH7TCrbH4fNUVpFg8jqoP9jCNXTCoFkZsXKiRKTTdxp6ogVwi2pQQZTA8va7PGYX3uDY3kaFyBmACSPMj%2FXZ4GzZhX%2FpJ8nMbvIXbS5Fbz%2FGFm1cQm7oqmeV4w9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 4309
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:13 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame D828
714 B
841 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
729d05991f3b5c9e-FRA
content-encoding
br
content-type
text/html
date
Tue, 12 Jul 2022 21:55:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUHA%2BbYXxKHcYjDB1OEgq8hPmhV4f0VD6eHp1yShY6pk0U3sppgzB9n4XiVI8pjvetvy3%2B0oCcIl2QmjyQL%2FiDeTPsms%2BF4CZNpeUu8vxYJtwaOxgWdL3xpYWWIj51sJmMcVp%2FcA83NHOnnt3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 4608
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:13 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B8C4
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e2f0526568e13d6479532be33a4d1940d2d26b3fb97d7eb59c2896caffcf7283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
server
sffe
etag
"1272 / 460 of 1000 / last-modified: 1657623928"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Jul 2022 21:55:13 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D828
81 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e2f0526568e13d6479532be33a4d1940d2d26b3fb97d7eb59c2896caffcf7283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
server
sffe
etag
"1272 / 971 of 1000 / last-modified: 1657623928"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Jul 2022 21:55:13 GMT
pubads_impl_2022070701.js
securepubads.g.doubleclick.net/gpt/ Frame B8C4
374 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:52:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130611
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 08:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 12 Jul 2023 21:52:26 GMT
pubads_impl_2022070701.js
securepubads.g.doubleclick.net/gpt/ Frame D828
374 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:52:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130611
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 08:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 12 Jul 2023 21:52:26 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8928
118 KB
40 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9f8306437593bfffa77914fde4d7334e943c0c3689ef36f68e77e748db8f18d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39938
x-xss-protection
0
server
cafe
etag
3496411090422084889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:55:13 GMT
integrator.js
adservice.google.de/adsid/ Frame D828
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D828
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D828
307 B
158 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=366649011051637&correlator=1423512196769601&eid=44768683%2C31060888%2C42531605&output=ldjh&gdfp_req=1&vrg=2022070701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220712&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1657662913678&lmt=1644386353&dlt=1657662913489&idt=168&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=v4hsp4lwlfwc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1541884397.1657662914&ga_sid=1657662914&ga_hid=1261126834&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d121eba58f832e8cd45826fd2d7b969acedfda2f1a96c34b602ba5d64cebf1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a2a5736ec106467a63cf005083d1428b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 477B
6 KB
4 KB
Document
General
Full URL
https://a2a5736ec106467a63cf005083d1428b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
expires
Wed, 12 Jul 2023 21:55:13 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B8C4
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B8C4
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B8C4
307 B
156 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4221218155780829&correlator=2231011893666860&eid=31068033%2C31068159%2C44768683%2C31060888%2C42531607%2C44764002&output=ldjh&gdfp_req=1&vrg=2022070701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220712&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1657662913698&lmt=1644386353&dlt=1657662913475&idt=216&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=92wn7kff3vw4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=692651099.1657662914&ga_sid=1657662914&ga_hid=195072804&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
057c2a27aebfcd01f396e450f72b0b1d27670d82271ed662da9542fbe72dedc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0bdff4dca86cb93601122d0736e65d6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9651
6 KB
4 KB
Document
General
Full URL
https://0bdff4dca86cb93601122d0736e65d6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
expires
Wed, 12 Jul 2023 21:55:13 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 20CB
118 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9019ed1fd1ba9aba6b6a70e90f5aa2942069f027562cc216d474aa634b0049a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39956
x-xss-protection
0
server
cafe
etag
17347116133234087595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:55:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ Frame 8928
337 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efd6f8f589304ffc61c1311d5249ff861286d6d09de7e2a9e8f775d2fc87301d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121253
x-xss-protection
0
server
cafe
etag
10563044997656359479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:55:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ Frame 20CB
337 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8001c082d899150c59b339286316009cbd79bd92e3f01cd6d777cd7a3514f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121346
x-xss-protection
0
server
cafe
etag
6845186757540861378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:55:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D828
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022070701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d33294f7ec1ca914eb692a244ee9fd71158ac9cfb9c225053edea975fce8ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10865
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B8C4
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022070701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c08282bd0bea653137202471bf63aac6c84ec826405c9d9a80845a197ccb6d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11035
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 0AAF
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
server-processing-duration-in-ticks
4349
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie.js
partner.googleadservices.com/gampad/ Frame 8928
212 B
414 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7d770dd0312d980b1c50b891bb8760fe02ee14084f9dd7c4799172f55d7802f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 8928
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8928
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CCE8
24 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
929b41bcf001a8cbc7ad1065665b28ac38ead638e275a9f51aaa6d63e0c08182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11039
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D828
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 21:55:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B8C4
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 21:55:13 GMT
sid
mug.criteo.com/ Frame 0AAF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=jD4v-XwzZVQvRk1UcXM1NDRTdVE3amxPUlVycXB1Lzd3clpLMFBxWnkxb250WWhaTExTTlEybEtkZDJlR05lV05ZV2F3MlVPRVdpUnJsZmZKZkpRMFBDTmJoN1R2b2ZSS0cwVmdnRndlNklvd2doNUxoaGUrQUc2QlBob0...
441 B
630 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=jD4v-XwzZVQvRk1UcXM1NDRTdVE3amxPUlVycXB1Lzd3clpLMFBxWnkxb250WWhaTExTTlEybEtkZDJlR05lV05ZV2F3MlVPRVdpUnJsZmZKZkpRMFBDTmJoN1R2b2ZSS0cwVmdnRndlNklvd2doNUxoaGUrQUc2QlBob0F2SmY4bFZvbTRTby9FMFRlTzdDK2FDMkd3TzlXazVoYkViY05GbVI5UUdzbU82VjQ0Z0F6cW9EanQ1V3pjb1JTQWNlWVVzQWZkRDBlOUdoR3dFUjNqQmN3Ym9kWlhNbDVoS2tkYmVXYzZVa2lZMVQ5Z2VjL1FCN1ZWa0RxVUZ1SDRnOHdvekE1RmVNMk14R3pBQ0F5T1JOUmp4NU9oZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
83b8c12cb68a94e936c0fddbf17bdb48f0d2bbe95790e005fcc2e775c617dc24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3232
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=jD4v-XwzZVQvRk1UcXM1NDRTdVE3amxPUlVycXB1Lzd3clpLMFBxWnkxb250WWhaTExTTlEybEtkZDJlR05lV05ZV2F3MlVPRVdpUnJsZmZKZkpRMFBDTmJoN1R2b2ZSS0cwVmdnRndlNklvd2doNUxoaGUrQUc2QlBob0F2SmY4bFZvbTRTby9FMFRlTzdDK2FDMkd3TzlXazVoYkViY05GbVI5UUdzbU82VjQ0Z0F6cW9EanQ1V3pjb1JTQWNlWVVzQWZkRDBlOUdoR3dFUjNqQmN3Ym9kWlhNbDVoS2tkYmVXYzZVa2lZMVQ5Z2VjL1FCN1ZWa0RxVUZ1SDRnOHdvekE1RmVNMk14R3pBQ0F5T1JOUmp4NU9oZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1572
content-length
541
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame 20CB
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 20CB
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 20CB
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 463C
25 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bdac8b4ebc3b5ca04c134d8b2582b09133a77e2aeddbaaeb3695afe911b3f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11528
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9D0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 19:21:45 GMT
expires
Wed, 12 Jul 2023 19:21:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A5FD
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc94d938dc746568368a1c75eb7b0776a3e28a591d18796dcd85714d322030d7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HEjzCr5-19_I3dQyrySH3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-HEjzCr5-19_I3dQyrySH3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
expires
Tue, 12 Jul 2022 21:55:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
syncframe
gum.criteo.com/ Frame ADFF
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
server-processing-duration-in-ticks
3721
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame FC2A
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
server-processing-duration-in-ticks
3568
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 7A2D
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
server-processing-duration-in-ticks
3602
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 04A3
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 19:21:45 GMT
expires
Wed, 12 Jul 2023 19:21:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 101C
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
034799beff3138996bea9f5581e7b5e115db284153f6f02b182d7bfeda60119f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RHA6Fgwl09jOrSJgo5oDVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-RHA6Fgwl09jOrSJgo5oDVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
expires
Tue, 12 Jul 2022 21:55:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame ADFF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=mSE2_F8xS0N2UVZDWXdyNnU0d1ByYnlIY3U2NmVJU1N3JTJCJTJGcXNmN0VtVXc0bCUyRjhPMUJhJTJCZV...
  • https://mug.criteo.com/sid?cpp=5Rhx83xpTlA3d0l5T1ZQbUx4N3RpbytGRTdQZ2M4RlNKV0VlMHZ5WVlTRUtRa1ZWMFJTcFpBaUpuMGFMbXNOTEV0Visxc1JLVk9la1J2QXF4elp2RXVXdUcxUDFwV1lEbTR1eUxUTURRdE93V1ZpT1BjT0tEaldJR2s1TS...
431 B
628 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=5Rhx83xpTlA3d0l5T1ZQbUx4N3RpbytGRTdQZ2M4RlNKV0VlMHZ5WVlTRUtRa1ZWMFJTcFpBaUpuMGFMbXNOTEV0Visxc1JLVk9la1J2QXF4elp2RXVXdUcxUDFwV1lEbTR1eUxUTURRdE93V1ZpT1BjT0tEaldJR2s1TS9Jdy9jeEZlaEF4RjFYMUYxRGRRNXNXblA3dk9DOTEwcnNEdG9vdS9JTWNPRmV5SkZISkpGdEdlbXVqWFlyTWV0bUR6dldkbmd4NXc3OGwyOEN2Mnh5cmVENVc0QXlIQzRFaHkybWMzK283d241KzFDcmsxWWRBTEZqeFl5Ly81UmN4ZjY3eE4wY1YzZ2NIRjRtVHFrMUx5dnpubi9Ec3hSajlhM2M3M0RYL1Eyd0MxVHlCZz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
22fed8464a37b0a94a7bc227d742be06449647ea714c7b70a659f07c662e2f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3704
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=5Rhx83xpTlA3d0l5T1ZQbUx4N3RpbytGRTdQZ2M4RlNKV0VlMHZ5WVlTRUtRa1ZWMFJTcFpBaUpuMGFMbXNOTEV0Visxc1JLVk9la1J2QXF4elp2RXVXdUcxUDFwV1lEbTR1eUxUTURRdE93V1ZpT1BjT0tEaldJR2s1TS9Jdy9jeEZlaEF4RjFYMUYxRGRRNXNXblA3dk9DOTEwcnNEdG9vdS9JTWNPRmV5SkZISkpGdEdlbXVqWFlyTWV0bUR6dldkbmd4NXc3OGwyOEN2Mnh5cmVENVc0QXlIQzRFaHkybWMzK283d241KzFDcmsxWWRBTEZqeFl5Ly81UmN4ZjY3eE4wY1YzZ2NIRjRtVHFrMUx5dnpubi9Ec3hSajlhM2M3M0RYL1Eyd0MxVHlCZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1881
content-length
567
expires
0
sid
mug.criteo.com/ Frame FC2A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=mSE2_F8xS0N2UVZDWXdyNnU0d1ByYnlIY3U2NmVJU1N3JTJCJTJGcXNmN0VtVXc0bCUyRjhPMUJhJTJCZV...
  • https://mug.criteo.com/sid?cpp=9sY5cXxEVm40SHk1ZSsxcStaY3JXVUgwTlg4Zkc4SXVyTmpoR2xIZ1JIa2xJNVhtd3dGT3FVdGVYNWoybGFPVForMnViTjF3Q3dLY1RGTC9kZHZWOWtIUEo5SFgrZDFhMW5LcnJHMjQrTEF0OGMrdnEvRGdLYitpRFR6Tl...
425 B
626 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=9sY5cXxEVm40SHk1ZSsxcStaY3JXVUgwTlg4Zkc4SXVyTmpoR2xIZ1JIa2xJNVhtd3dGT3FVdGVYNWoybGFPVForMnViTjF3Q3dLY1RGTC9kZHZWOWtIUEo5SFgrZDFhMW5LcnJHMjQrTEF0OGMrdnEvRGdLYitpRFR6TlZaUHdvN2lMelJEdzlGb05rbFdyMUZQSHJjZk10dmpnUHpHOFVWQ21oOU1yWTl2MDQ5dnNLcVI1emxsQkd5SStWR2R3RGZ3aFBzOGhUUVRvY3dyZ2RYejZNWDQ1b05XWnltVzQwcU1VelFNTmkxMG45SkQ0dmRxaEdjaU55Y2RTeWNyWGVJbXJhZlhZTE83S0VILzBDQTBmUm5TV2VJcFQvT3BxSGtCakt4Z09ZT3ZyVUxTZz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c36d8a2309a9e38e7e3672f4374a1a43a5d6ac15e33b5e7784d374b9deda3899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3765
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=9sY5cXxEVm40SHk1ZSsxcStaY3JXVUgwTlg4Zkc4SXVyTmpoR2xIZ1JIa2xJNVhtd3dGT3FVdGVYNWoybGFPVForMnViTjF3Q3dLY1RGTC9kZHZWOWtIUEo5SFgrZDFhMW5LcnJHMjQrTEF0OGMrdnEvRGdLYitpRFR6TlZaUHdvN2lMelJEdzlGb05rbFdyMUZQSHJjZk10dmpnUHpHOFVWQ21oOU1yWTl2MDQ5dnNLcVI1emxsQkd5SStWR2R3RGZ3aFBzOGhUUVRvY3dyZ2RYejZNWDQ1b05XWnltVzQwcU1VelFNTmkxMG45SkQ0dmRxaEdjaU55Y2RTeWNyWGVJbXJhZlhZTE83S0VILzBDQTBmUm5TV2VJcFQvT3BxSGtCakt4Z09ZT3ZyVUxTZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1623
content-length
567
expires
0
sid
mug.criteo.com/ Frame 7A2D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=mSE2_F8xS0N2UVZDWXdyNnU0d1ByYnlIY3U2NmVJU1N3JTJCJTJGcXNmN0VtVXc0bCUyRjhPMUJhJTJCZV...
  • https://mug.criteo.com/sid?cpp=Rwt-THxrVEphRTRXbnVPaG9WaHZuc1pTWCtPOWcyd2Vsc0IvbERVdjRPdE5XdWtkWWUyMGV2dm04akhkanIyRFAxdllrUjdTRDVHZkYrVFdSOU5jQ1RpTDB0SkovaHo3RlVsZDhXa3dUS1JyWjF1QXRUSGtoWkFZU3hsUn...
430 B
631 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Rwt-THxrVEphRTRXbnVPaG9WaHZuc1pTWCtPOWcyd2Vsc0IvbERVdjRPdE5XdWtkWWUyMGV2dm04akhkanIyRFAxdllrUjdTRDVHZkYrVFdSOU5jQ1RpTDB0SkovaHo3RlVsZDhXa3dUS1JyWjF1QXRUSGtoWkFZU3hsUnpzcmpCVlhpeGhKQW1OMFBKL2p4aXBtZHV6UC9QcjM4aU9SZ2U2bll5ZGtmMVRRbk85b2ErTnYxaS9PaTdkYngxZDlYOHBQU0FjRmFjaWpPNE5lRkNDZlpMdmZXbFM1U0ExMXJ4WjBEUU1NNnNWYytKRk1CQ2xLUklreEs5bmhhUXJWaEVhZ2dDUTdGcmZPSWVsYmYramlicWErd29GdVRXbDJmM3NZM0twc3B6R2VvRjVrWT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2f98df60367c67102212d8bff64f64d9e20f69cc2dcd81c833df644b9961304f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3281
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Rwt-THxrVEphRTRXbnVPaG9WaHZuc1pTWCtPOWcyd2Vsc0IvbERVdjRPdE5XdWtkWWUyMGV2dm04akhkanIyRFAxdllrUjdTRDVHZkYrVFdSOU5jQ1RpTDB0SkovaHo3RlVsZDhXa3dUS1JyWjF1QXRUSGtoWkFZU3hsUnpzcmpCVlhpeGhKQW1OMFBKL2p4aXBtZHV6UC9QcjM4aU9SZ2U2bll5ZGtmMVRRbk85b2ErTnYxaS9PaTdkYngxZDlYOHBQU0FjRmFjaWpPNE5lRkNDZlpMdmZXbFM1U0ExMXJ4WjBEUU1NNnNWYytKRk1CQ2xLUklreEs5bmhhUXJWaEVhZ2dDUTdGcmZPSWVsYmYramlicWErd29GdVRXbDJmM3NZM0twc3B6R2VvRjVrWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1596
content-length
567
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A5FD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022070701&jk=366649011051637&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 101C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022070701&jk=4221218155780829&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
pagead2.googlesyndication.com/bg/ Frame 04A3
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 05:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
57497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13978
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 05:56:57 GMT
k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
pagead2.googlesyndication.com/bg/ Frame C9D0
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 05:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
57497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13978
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 05:56:57 GMT
generate_204
tpc.googlesyndication.com/ Frame C9D0
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?xaWM9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 04A3
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?niRxjg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame CCE8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:44:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CCE8
138 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 21:55:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame CCE8
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:54:59 GMT
l
www.google.com/ads/measurement/ Frame CCE8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIfERB0TRLOOfCeUQHjJ-Lz3dFSgAZv5WNIeumGVtf7HnH3A1NNqsuubBPbKIxglid-QrSHTmrpPkMn4wdvZeB0z8eiw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 12 Jul 2022 21:55:13 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1169
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame D698
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=-1xt53xwS2ZqaWExQ0FuM09PckwxbHUwZGdNbm9hNUdhTGZaRGw0WmdsNnM3TmFCVTRmOUNjR0NwNW9lN2Z0ZDFPTExtZEprVzZ4bEJ4VVo2MU9vY3hteWMyMWJ4TlR5L1gvZi9tR3NlbEh5ckdIY2VvWFlQN1kxVGlaT1...
406 B
660 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=-1xt53xwS2ZqaWExQ0FuM09PckwxbHUwZGdNbm9hNUdhTGZaRGw0WmdsNnM3TmFCVTRmOUNjR0NwNW9lN2Z0ZDFPTExtZEprVzZ4bEJ4VVo2MU9vY3hteWMyMWJ4TlR5L1gvZi9tR3NlbEh5ckdIY2VvWFlQN1kxVGlaT1BGbE1TS0NwdjZXaEJyR29CNjE0aEFWSFkrL1NyUVRldk1mMUJ6SjF2bXQwTi9ZMjFkL1AzY1F4K3FwdzdaL3B6VkQ1emQ1K2NERTAwSUpiRjdPYW1pQS81SWFRSjQvRGxOdHlJbVZRS0dackVwYUlXcWw5WC9MWWFiY041S1QxVWhXOXlDdUI5OG5yaXdZZE1wYjQvSHVybW5raXVYdmdFWGxCekNkblZaUnU2KzZiU3VIVT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a24e1c0a3422c528d6b56e8e0ee84760ae1ab49e80332f431ab606a73f552b95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3177
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
location
https://mug.criteo.com/sid?cpp=-1xt53xwS2ZqaWExQ0FuM09PckwxbHUwZGdNbm9hNUdhTGZaRGw0WmdsNnM3TmFCVTRmOUNjR0NwNW9lN2Z0ZDFPTExtZEprVzZ4bEJ4VVo2MU9vY3hteWMyMWJ4TlR5L1gvZi9tR3NlbEh5ckdIY2VvWFlQN1kxVGlaT1BGbE1TS0NwdjZXaEJyR29CNjE0aEFWSFkrL1NyUVRldk1mMUJ6SjF2bXQwTi9ZMjFkL1AzY1F4K3FwdzdaL3B6VkQ1emQ1K2NERTAwSUpiRjdPYW1pQS81SWFRSjQvRGxOdHlJbVZRS0dackVwYUlXcWw5WC9MWWFiY041S1QxVWhXOXlDdUI5OG5yaXdZZE1wYjQvSHVybW5raXVYdmdFWGxCekNkblZaUnU2KzZiU3VIVT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1325
content-length
567
expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame CCE8
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cw86Twe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqAFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLn-IE1N9DzzTkk-Cp4O7XXjH7-Fd8tz7Mc8uak3ugOTXjZD79QeBaABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=uYIvGLdmxEA&uach_m=[UACH]&cid=CAQSKQCNIrLMOlAlunDLRuiuhjzBcdwwPe-jrvHtmRrHVLsw7jOFka-qzbgXGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 12 Jul 2022 21:55:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame CCE8
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k-b8EMc1rAL6AZ2DYgICAAAAITkBDAJb7ojm5PwhZTckQRDB7c1iCwBBRA1RZ52qlEYAEgAA&wp=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
Kestrel
server-processing-duration-in-ticks
230526
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7F64
210 KB
60 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bd5029a12ba03aa7db6189edf7cc2c33a008aaec1e3b10fce29d453e61124e9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=W-8ZNwcullyWXfF__Qx3xT0pfJ2Wrhlv6CeGs975tkzmstFZf0Twxp9D7jjvmr-l6pflNnwha5mnvf7scL37w2X1XDvQMaqkxvaxnwVKi1bZFMfezdL8WSr0F4ktyrr5zGIY_jKdxPboVyjrxMRy-T26jCuWlPg9cd0RKsJ-R3blFeFszzdMGuGkoqIzDuWYfWwR4JczfY4wridNzxUV9fcYCkmaHSJm_b9J-6CvvCf-EDj-8rEoyaz2PUSU2F4hhrsc0g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
138888431
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2BC7
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 05:53:44 GMT
etag
48472445140208031
expires
Wed, 13 Jul 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cm
c.holmesmind.com/ Frame D698
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame D698
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:14 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 463C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:44:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 463C
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 21:55:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 463C
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:54:59 GMT
l
www.google.com/ads/measurement/ Frame 463C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJu4MPJBu0krcC5uNsFu4TdmFmZF7PYCPGn5_43UxYjJskpvAznDnb4g5_VgqAgnEezBqgI_kan8LybozBUDo9q5E4Lw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

adview
googleads.g.doubleclick.net/pagead/ Frame 463C
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CiO-0we3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEpwFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHKm8iEm36Q9OSQDgYbmKPe6_eTeaoaHohItlqqLcLglelQ-Y9rmwIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=YKZZD6iLO6E&uach_m=[UACH]&cid=CAQSOwCNIrLM0nnHPvWIdyhnACjQri6NHlHqzXzClMoAlAOJaAVp6RmtpRY1R61DZ2lsxir8iv9fMiE0-S_iGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 12 Jul 2022 21:55:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 463C
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k-b8EMc1rAL6AZ2DYgICAAAAITkBDAJb7ojm5PwhZTckQRDB7c1iY28n_HZA6B2Rw4UAEgAA&wp=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
server
Kestrel
server-processing-duration-in-ticks
155922
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3301
209 KB
59 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ec03eae12ae1d3aa7eafbb764b7104e8f85b946bb7b241ab54ca34c1f0106139
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lD7sEQcullyWXfF_i-IY_m-Oz0nIH1LER-mfsEnKsEPREMzTi3fabsx6Pu2NVtfUaLvg8pG4dAGBJho4loCWyoPC-OlfQeaA1vH7sw0oL16NvORv52zg9F-iYiLbYs_-YmIIY8MqF_b5yFRR_3zDIjve3BzUAx4-357ecvUw7ba9JYshWdEoxqs49iWKlS1CNo4kY_UDs54BBMPNEa4wwjPnsv92cj-cvuuKL8JAZ37rjdXP5Cwo_1atbZ8Zv-ZGeLJB-A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
134916116
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 379F
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 05:53:44 GMT
etag
48472445140208031
expires
Wed, 13 Jul 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 2BC7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDBEMU95M3gxT2JuUUM1&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&google_cver=1&google_push=AehlK4Cjpt5QCEau0te2s9zwaF_OVdeEjGh-IzgI3NEgomi...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDBEMU95M3gxT2JuUUM1&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&google_cver=1&google_push=AehlK4Cjpt5QCEau0te2s9zwaF_OVdeEjGh-IzgI3NEgomiwk81K2bzfZa3hZdcheWsRIlt8VUEinqbwQTBs_OFpAZCuqLyaQJE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 21:55:14 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0e0b7d4089fc3e73e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDBEMU95M3gxT2JuUUM1&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&google_cver=1&google_push=AehlK4Cjpt5QCEau0te2s9zwaF_OVdeEjGh-IzgI3NEgomiwk81K2bzfZa3hZdcheWsRIlt8VUEinqbwQTBs_OFpAZCuqLyaQJE
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2BC7
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEH9fOF7oxFXcWOZl-Zk2-ZA&google_cver=1&google_push=AehlK4CdqveX4NIy79nDVfKwvTPRlQN43zFnyy05BieeUcBZroD5xNQUCPutzfR2uWOU_JrOJChVjj8afYVDMInKsA_mvBsmIQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D83A353B7FB49278E551B318752CD43&google_push=AehlK4CdqveX4NIy79nDVfKwvTPRlQN43zFnyy05BieeUcBZroD5xNQUCPutzfR2uWOU_JrOJChVjj8afYVDMIn...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D83A353B7FB49278E551B318752CD43&google_push=AehlK4CdqveX4NIy79nDVfKwvTPRlQN43zFnyy05BieeUcBZroD5xNQUCPutzfR2uWOU_JrOJChVjj8afYVDMInKsA_mvBsmIQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Jul 2022 21:55:14 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D83A353B7FB49278E551B318752CD43&google_push=AehlK4CdqveX4NIy79nDVfKwvTPRlQN43zFnyy05BieeUcBZroD5xNQUCPutzfR2uWOU_JrOJChVjj8afYVDMInKsA_mvBsmIQ
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 11 Jul 2022 21:55:14 GMT
google
match.adsrvr.org/track/cmf/ Frame 2BC7
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESECG3FS6hDchGj1FnlYztwZk&google_cver=1&google_push=AehlK4CfeitoQI3c2ENBGHCeo6WFEzXSYNk9TiZqSxLweFP5xSUvjLR8bORZAqQJxU16vQEsxREKHanSAUiuvZ-r9IzbRoh8Tck
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2BC7
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENYpUJQKFIQ2Dku8t6Manc0&google_cver=1&google_push=AehlK4C8O9pLTNsJa-bOfVy7Z2SJ4aWwnlfOc7_ojRbEHqhfWwxsJ74s3xwZCdL_n5Vq6-pf815T3daNpeC...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4C8O9pLTNsJa-bOfVy7Z2SJ4aWwnlfOc7_ojRbEHqhfWwxsJ74s3xwZCdL_n5Vq6-pf815T3daNpeCXcuS5w0dPdLxEP8w&google_hm=OK8_VrFUSCGADt70lNj1r4Y
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4C8O9pLTNsJa-bOfVy7Z2SJ4aWwnlfOc7_ojRbEHqhfWwxsJ74s3xwZCdL_n5Vq6-pf815T3daNpeCXcuS5w0dPdLxEP8w&google_hm=OK8_VrFUSCGADt70lNj1r4Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4C8O9pLTNsJa-bOfVy7Z2SJ4aWwnlfOc7_ojRbEHqhfWwxsJ74s3xwZCdL_n5Vq6-pf815T3daNpeCXcuS5w0dPdLxEP8w&google_hm=OK8_VrFUSCGADt70lNj1r4Y
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 2BC7
43 B
577 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEI7TUJTGVPeVA2z7tNdhPEA&google_cver=1&google_push=AehlK4Ab8n6RLi67cBupchwyUfiB999vv6wh0rrS7ElqjCE81bFa_WLck4BEW1ejzs4fsNL5sNOTQjC7uORDqEXU3csuESWpqg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Jul 2022 21:55:14 GMT
pixel
cm.g.doubleclick.net/ Frame 2BC7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELqww80i5VorKFaX3iaY-J0&google_cver=1&google_push=AehlK4CZm6Iji95uBNoOX9NJ2dAWHFcxLfteGu7aMdKD93_Ymh2STp0UeDtCwaRBWEc9DJyX-th1K6ei...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELqww80i5VorKFaX3iaY-J0&google_cver=1&google_push=AehlK4CZm6Iji95uBNoOX9NJ2dAWHFcxLfteGu7aMdKD93_Ymh2STp0UeDtCwaRBWEc9DJyX-th...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMTkyODkzNzQ4MDk5MjU1MQ&google_push=AehlK4CZm6Iji95uBNoOX9NJ2dAWHFcxLfteGu7aMdKD93_Ymh2STp0UeDtCwaRBWEc9DJyX-th1K6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMTkyODkzNzQ4MDk5MjU1MQ&google_push=AehlK4CZm6Iji95uBNoOX9NJ2dAWHFcxLfteGu7aMdKD93_Ymh2STp0UeDtCwaRBWEc9DJyX-th1K6ei022dbNsU0VEkgeV2ATo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMTkyODkzNzQ4MDk5MjU1MQ&google_push=AehlK4CZm6Iji95uBNoOX9NJ2dAWHFcxLfteGu7aMdKD93_Ymh2STp0UeDtCwaRBWEc9DJyX-th1K6ei022dbNsU0VEkgeV2ATo
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2BC7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELqww80i5VorKFaX3iaY-J0&google_cver=1&google_push=AehlK4DIjIbH9U0Rxut04aQxKLWUkhZrVhUjuJxxlCgqpiYck7B7Dgpu6Q6gL6Xoh7eCCnWLFKVYzqYg...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELqww80i5VorKFaX3iaY-J0&google_cver=1&google_push=AehlK4DIjIbH9U0Rxut04aQxKLWUkhZrVhUjuJxxlCgqpiYck7B7Dgpu6Q6gL6Xoh7eCCnWLFKV...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzMjYyMjk2Mzc2MTI1MTc2Ng&google_push=AehlK4DIjIbH9U0Rxut04aQxKLWUkhZrVhUjuJxxlCgqpiYck7B7Dgpu6Q6gL6Xoh7eCCnWLFKVYzq...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzMjYyMjk2Mzc2MTI1MTc2Ng&google_push=AehlK4DIjIbH9U0Rxut04aQxKLWUkhZrVhUjuJxxlCgqpiYck7B7Dgpu6Q6gL6Xoh7eCCnWLFKVYzqYgc3Uzk3mFQDikUwZtcX0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzMjYyMjk2Mzc2MTI1MTc2Ng&google_push=AehlK4DIjIbH9U0Rxut04aQxKLWUkhZrVhUjuJxxlCgqpiYck7B7Dgpu6Q6gL6Xoh7eCCnWLFKVYzqYgc3Uzk3mFQDikUwZtcX0
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 2BC7
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3FfHP7ZispZGO2Rhwodqk1O56XDIjFu8K0NmgQeLCqN5-LdMTfFR3t0EYyXpKTpgaHZr6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
google2waycm.netmng.com/cm/ Frame 379F
0
0

pixel
cm.g.doubleclick.net/ Frame 379F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDBEMU95M3gxT2JuUUM1&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&google_cver=1&google_push=AehlK4D-MuGGDGexbMa47TedX4DsF_q4XuRb16r8VndzTYU...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDBEMU95M3gxT2JuUUM1&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&google_cver=1&google_push=AehlK4D-MuGGDGexbMa47TedX4DsF_q4XuRb16r8VndzTYUynqYmJ0k2cm1T_ciPgwGEB7QLCdYzVuvgvpS2xicfX4Bkq8uUk_w5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 21:55:13 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-046b02221141da501@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDBEMU95M3gxT2JuUUM1&google_gid=CAESELSRRGyPPH6Ra5SKomWwrrM&google_cver=1&google_push=AehlK4D-MuGGDGexbMa47TedX4DsF_q4XuRb16r8VndzTYUynqYmJ0k2cm1T_ciPgwGEB7QLCdYzVuvgvpS2xicfX4Bkq8uUk_w5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 379F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEM4Zqtcg3JJOAaKFGfs6rx4&google_cver=1&google_push=AehlK4B1zZsBUoN8luYfMWb_zJCHOd8GG2LdXKezHwXP5K2h9dNLAfUi-82q7rKMCADfDLLTRWrmgs_...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEM4Zqtcg3JJOAaKFGfs6rx4&google_cver=1&google_push=AehlK4B1zZsBUoN8luYfMWb_zJCHOd8GG2LdXKezHwXP5K2h9dNLAfUi-82q7rKMCADfD...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=aqIGR98jTI68VVTLTYqT-GLN7cI
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=aqIGR98jTI68VVTLTYqT-GLN7cI
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=aqIGR98jTI68VVTLTYqT-GLN7cI
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 379F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oe0NcKP3TOWQcf6gNpj0PA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oe0NcKP3TOWQcf6gNpj0PA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CbpiUYSFVt-ojv2qT8jHPB_EkNgsv_58flWzLV_iP8O3eZm585jPgRomFxJt-WP4a_o8VKD40edY0rTM5PawwdhATtoECl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oe0NcKP3TOWQcf6gNpj0PA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CbpiUYSFVt-ojv2qT8jHPB_EkNgsv_58flWzLV_iP8O3eZm585jPgRomFxJt-WP4a_o8VKD40edY0rTM5PawwdhATtoECl
date
Tue, 12 Jul 2022 21:55:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 379F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPDgFHrCtpobYmVWnUj1Wbk&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPDgFHrCtpobYmVWnUj1Wbk&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPDgFHrCtpobYmVWnUj1Wbk&google_hm=Ys3twjC9DFAk__CfUb-uvQAABLMAAAIB&google_nid=index&google_push=AehlK4A6UGx6iafkZeQh0iNe0I6sVP3Etonp-...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPDgFHrCtpobYmVWnUj1Wbk&google_hm=Ys3twjC9DFAk__CfUb-uvQAABLMAAAIB&google_nid=index&google_push=AehlK4A6UGx6iafkZeQh0iNe0I6sVP3Etonp-_WnbFaLn_gUNfk_taLgAqzBjTQhnJ4Oio7tBSJ4wUur0h-OWYrJTcswSWT83qSw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmqcntP9QhgJgSiLc6OozCXbJ6vQTJhItZrU84s9FYilqDBRdtnGtcb%2F36UradjPjNlMAYnYCT52rn3qnU0oUhD9S5Kpp6cKVx6umXae5skD9yx9sDoc0Xb0OGO2j0prg08MvVqzkqxvVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPDgFHrCtpobYmVWnUj1Wbk&google_hm=Ys3twjC9DFAk__CfUb-uvQAABLMAAAIB&google_nid=index&google_push=AehlK4A6UGx6iafkZeQh0iNe0I6sVP3Etonp-_WnbFaLn_gUNfk_taLgAqzBjTQhnJ4Oio7tBSJ4wUur0h-OWYrJTcswSWT83qSw
cache-control
no-cache
cf-ray
729d059e7ae5903d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 379F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECN3snThleedYZEahO-DW_0&google_cver=1&google_push=AehlK4AnoUVZj5FfHdUvXXZreP8nosEesmL7tDfwa0zfD26qpoGQ70ns81xecV2FKE_uSfBE4Z5a-JOvGTCjW0bb...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AnoUVZj5FfHdUvXXZreP8nosEesmL7tDfwa0zfD26qpoGQ70ns81xecV2FKE_uSfBE4Z5a-JOvGTCjW0bbz4Ho9QoKH-YB
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AnoUVZj5FfHdUvXXZreP8nosEesmL7tDfwa0zfD26qpoGQ70ns81xecV2FKE_uSfBE4Z5a-JOvGTCjW0bbz4Ho9QoKH-YB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Jul 2022 21:55:14 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AnoUVZj5FfHdUvXXZreP8nosEesmL7tDfwa0zfD26qpoGQ70ns81xecV2FKE_uSfBE4Z5a-JOvGTCjW0bbz4Ho9QoKH-YB
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
5PaIOL014x3tASVNgQx2MEbvjwud1P56JtPYSE53WuwJ-IkF3e4xMQ==
pixel
cm.g.doubleclick.net/ Frame 379F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFRQ13DT0zcRq-I5P-aAvg4&google_cver=1&google_push=AehlK4B2EDHZhZ-lRp-4lj4-5IOpaLoSCPRukVdsaS0_HfLiXgYLeQgzqKe_Hhf44Sa15Mb-qMjR3BOVjb1W...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B2EDHZhZ-lRp-4lj4-5IOpaLoSCPRukVdsaS0_HfLiXgYLeQgzqKe_Hhf44Sa15Mb-qMjR3BOVjb1WX4kwR4moF1_9SHw3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B2EDHZhZ-lRp-4lj4-5IOpaLoSCPRukVdsaS0_HfLiXgYLeQgzqKe_Hhf44Sa15Mb-qMjR3BOVjb1WX4kwR4moF1_9SHw3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B2EDHZhZ-lRp-4lj4-5IOpaLoSCPRukVdsaS0_HfLiXgYLeQgzqKe_Hhf44Sa15Mb-qMjR3BOVjb1WX4kwR4moF1_9SHw3
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 379F
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxG19-YqrfBtatvcRDKCKkFGW2iPSJySn0ZZi72l8L1pnW_ZaL7tL5-Im5hUjm0emK6NYN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913760&bpp=15&bdt=478&idt=121&shv=r20220707&mjsv=m202207110101&ptt=5&saldr=sa&cookie=ID%3D3cc102208e27bde4-225cf021cccd008f%3AT%3D1657662913%3ART%3D1657662913%3AS%3DALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ&correlator=8080358364842&frm=23&ife=1&pv=1&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1848984361&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=1249474335&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44768326%2C44766558%2C31068381%2C42531606%2C42531607&oid=2&pvsid=4177307337193708&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cawfm9i5ivpc&fsb=1&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=-1xt53xwS2ZqaWExQ0FuM09PckwxbHUwZGdNbm9hNUdhTGZaRGw0WmdsNnM3TmFCVTRmOUNjR0NwNW9lN2Z0ZDFPTExtZEprVzZ4bEJ4VVo2MU9vY3hteWMyMWJ4TlR5L1gvZi9tR3NlbEh5ckdIY2VvWFlQN1kxVGlaT1BGbE1TS0NwdjZXaEJyR29CNjE0aEFWSFkrL1NyUVRldk1mMUJ6SjF2bXQwTi9ZMjFkL1AzY1F4K3FwdzdaL3B6VkQ1emQ1K2NERTAwSUpiRjdPYW1pQS81SWFRSjQvRGxOdHlJbVZRS0dackVwYUlXcWw5WC9MWWFiY041S1QxVWhXOXlDdUI5OG5yaXdZZE1wYjQvSHVybW5raXVYdmdFWGxCekNkblZaUnU2KzZiU3VIVT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 12 Jul 2022 21:55:13 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1273
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame CCE8
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e115e9eb61b6fa5adad7280b1c90a8a37a1ceeba1b729054f1468c8f6568edec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 463C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453f8b19c1a77907150736487838aba59d0374fef638eb4b99f02fbf0f856856

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3301
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3301
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3301
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 07 Jul 2023 21:55:14 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3301
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 07 Jul 2023 21:55:14 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 3301
0
688 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1657662914
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
3KinLi0Y1JtU8MN8u8hwfASEP_Rz7Wc7xoNgojQKh3oUwaluiNBiJw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 3301
43 B
348 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=rAkR70GEYIJjSSRV2tkyQhnrUj42MfGUbxln5IzNJMZJfsh86_bpCaGa5DHozTEHJkW7Qu7ukhOpCxMJeHNk3vE5yEH-Ir6d7E8i4BWN4IlT_BPdoI9KB3EJ6iENIAZ_Y4lefEa21Nki90fvFpDMpOUe_1cEzJIrIb7PIgTFfj20mI5bYDWSgN--MQRZzoCTikZM54TlMCwcUveYBLIwwPOZJrdgfXqzhevatZnj9GfVYJZpWDiXTI40IPSmlPGhVZI7zpKhsNHrcU-Bgho0lYbkjKnTZE_6WSnIqKYPl1P6iOUMzuJFg39PXXusrIMNOHM_q0oCXe1pHLkm94_H0N19Z2tjolYldztQuVnoWlR8vZHmdPc8pj4VlvX6oW84Hge5wro8mXuJuuteAzpDehVVoxVsE0KJAlfmDLzQyfiLxOvY_I5jwJ3YcWqkJG386Jq3Mg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:13 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6000647
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 3301
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
img
pix.eu.criteo.net/img/ Frame 3301
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=CxRtjByjbRtf0nK6cmCwL0fZ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29389153
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10911
expires
Sun, 18 Jun 2023 01:34:28 GMT
all
csm.eu.criteo.net/ Frame 3301
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lD7sEQcullyWXfF_i-IY_m-Oz0nIH1LER-mfsEnKsEPREMzTi3fabsx6Pu2NVtfUaLvg8pG4dAGBJho4loCWyoPC-OlfQeaA1vH7sw0oL16NvORv52zg9F-iYiLbYs_-YmIIY8MqF_b5yFRR_3zDIjve3BzUAx4-357ecvUw7ba9JYshWdEoxqs49iWKlS1CNo4kY_UDs54BBMPNEa4wwjPnsv92cj-cvuuKL8JAZ37rjdXP5Cwo_1atbZ8Zv-ZGeLJB-A&sds=2&rev=82042&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 12 Jul 2022 21:55:13 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3301
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3301
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 12 Jul 2022 21:55:14 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1055
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 1341
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=VkUMdHxlQ01NR0psbjk3Smt5bFZ5T0F6emxOSE1GbHh0Q2tuNEk3KzkzczdIY3RnTm9IWUZrMlo0Q1NHb28xUm1VZ3FPZTlDUmJCQW1ydkNGcWFBcnhRdERhcmQwa1ZzZE5qNzZGYWt4SDR6UTlkcE9DUG5rYkdwYXFNZC...
416 B
660 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=VkUMdHxlQ01NR0psbjk3Smt5bFZ5T0F6emxOSE1GbHh0Q2tuNEk3KzkzczdIY3RnTm9IWUZrMlo0Q1NHb28xUm1VZ3FPZTlDUmJCQW1ydkNGcWFBcnhRdERhcmQwa1ZzZE5qNzZGYWt4SDR6UTlkcE9DUG5rYkdwYXFNZC94NE85Z0trNklleW92MWxsSzBDWUJEUHRQT3MyVEE1ZHM2elY5SGRUVlRoYnM2Nm4xV1M1UlFuQzhvU1hiS2FDRW5LejhWOVFxMlVXTEpPUEFBbFVkYjEvTW14UFRHUURkcE02NmFQVFlYMkF2N1NRRnc3SWlwMmc1emNXVEZIMm1XdDF6NTdITHpKbE5GaWJINmZaTjZqNkpITjJmL0F1dk8rMWhKeGhHdlh2VDhTTkR3WT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2c4a47acfb593b64c07cc4da1329cf201774efa5a0bda66f4798dc44a6aac374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3788
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
location
https://mug.criteo.com/sid?cpp=VkUMdHxlQ01NR0psbjk3Smt5bFZ5T0F6emxOSE1GbHh0Q2tuNEk3KzkzczdIY3RnTm9IWUZrMlo0Q1NHb28xUm1VZ3FPZTlDUmJCQW1ydkNGcWFBcnhRdERhcmQwa1ZzZE5qNzZGYWt4SDR6UTlkcE9DUG5rYkdwYXFNZC94NE85Z0trNklleW92MWxsSzBDWUJEUHRQT3MyVEE1ZHM2elY5SGRUVlRoYnM2Nm4xV1M1UlFuQzhvU1hiS2FDRW5LejhWOVFxMlVXTEpPUEFBbFVkYjEvTW14UFRHUURkcE02NmFQVFlYMkF2N1NRRnc3SWlwMmc1emNXVEZIMm1XdDF6NTdITHpKbE5GaWJINmZaTjZqNkpITjJmL0F1dk8rMWhKeGhHdlh2VDhTTkR3WT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1480
content-length
567
expires
0
idSync
sync.aralego.com/ Frame 1341
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 21:55:14 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cm
c.holmesmind.com/ Frame 1341
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7F64
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7F64
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7F64
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 07 Jul 2023 21:55:14 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7F64
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 07 Jul 2023 21:55:14 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 7F64
0
690 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1657662913
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
UJnJmVt7hglg9CmE-UNSQFDEVxx-UvgDYDdP6Wt6UWbrPA1kCBGPQA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 7F64
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4jGQu0GEYIJjSSRV2tkyQhnrUj4Yyr0DfsSHSEjSFnM3UW3dujXGaw270vCFGMUN4a_ybP77wGOQTXfWSbIUEvb70Wr4DsO9Xyq03n3LBA42JD3P6gkKx8KrZy4jzpYSr0lPhBLDMESbI0knTwcssjQ2kLRwy32_JRl3KCjrt00erx5_Oh1v-eF1pHmhfVGZ9EliGtqnoDDFRIzHYcDkkX6tt_xVcaUvLzahpvU958kBdpSEZiVr2_kFd2kRgQjS65aZZ72FCuIKamuuBul2K2e-HQbOlHj2-_QZxjNJZEmnTs4C20fX_b8KHKGLybvgongk5tEAPtHquzaColiSX9d7MKW4SdyGuDh37aWT4tZOvnWhIi1ZR7dT_u846ju5Mo2t3gvpWAfoejOZv5JeXCjxig1rHMpqCKlBgHxf68WTTX0BPIiMMZogATQlRARg5ZWkBQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:14 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4828678
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 7F64
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
img
pix.eu.criteo.net/img/ Frame 7F64
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=CxRtjByjbRtf0nK6cmCwL0fZ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29389153
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10911
expires
Sun, 18 Jun 2023 01:34:28 GMT
all
csm.eu.criteo.net/ Frame 7F64
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=W-8ZNwcullyWXfF__Qx3xT0pfJ2Wrhlv6CeGs975tkzmstFZf0Twxp9D7jjvmr-l6pflNnwha5mnvf7scL37w2X1XDvQMaqkxvaxnwVKi1bZFMfezdL8WSr0F4ktyrr5zGIY_jKdxPboVyjrxMRy-T26jCuWlPg9cd0RKsJ-R3blFeFszzdMGuGkoqIzDuWYfWwR4JczfY4wridNzxUV9fcYCkmaHSJm_b9J-6CvvCf-EDj-8rEoyaz2PUSU2F4hhrsc0g&sds=2&rev=82042&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 12 Jul 2022 21:55:14 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7F64
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7F64
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 Jul 2023 21:55:14 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=VkUMdHxlQ01NR0psbjk3Smt5bFZ5T0F6emxOSE1GbHh0Q2tuNEk3KzkzczdIY3RnTm9IWUZrMlo0Q1NHb28xUm1VZ3FPZTlDUmJCQW1ydkNGcWFBcnhRdERhcmQwa1ZzZE5qNzZGYWt4SDR6UTlkcE9DUG5rYkdwYXFNZC94NE85Z0trNklleW92MWxsSzBDWUJEUHRQT3MyVEE1ZHM2elY5SGRUVlRoYnM2Nm4xV1M1UlFuQzhvU1hiS2FDRW5LejhWOVFxMlVXTEpPUEFBbFVkYjEvTW14UFRHUURkcE02NmFQVFlYMkF2N1NRRnc3SWlwMmc1emNXVEZIMm1XdDF6NTdITHpKbE5GaWJINmZaTjZqNkpITjJmL0F1dk8rMWhKeGhHdlh2VDhTTkR3WT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 12 Jul 2022 21:55:14 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1365
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
img
pix.eu.criteo.net/img/ Frame 3301
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=CxRtjByjbRtf0nK6cmCwL0fZ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29389153
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10911
expires
Sun, 18 Jun 2023 01:34:28 GMT
img
pix.eu.criteo.net/img/ Frame 7F64
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=CxRtjByjbRtf0nK6cmCwL0fZ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29389153
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10911
expires
Sun, 18 Jun 2023 01:34:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 20CB
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9af0e26e57be3ee3bbabe5c13f9cf8ba252f07a8bf7a58ea3a8ad715d7b336ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11163
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8928
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a9f0836945707aab782c7a8b3a039cd5ce8ef793a05cbe9b0005056a470d6a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11060
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8928
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 21:55:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 20CB
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 21:55:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4901
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 19:21:45 GMT
expires
Wed, 12 Jul 2023 19:21:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 08EF
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1afa71979c8c15e58371150835ea5c86d096351efe62bba199c7dc12bb9ffd7e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Gtf8H4sopsPXQSDK1Ohgcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Gtf8H4sopsPXQSDK1Ohgcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:14 GMT
expires
Tue, 12 Jul 2022 21:55:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BFC7
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 19:21:45 GMT
expires
Wed, 12 Jul 2023 19:21:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 26DC
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
19a9f5d1109a378373958f2ac8337af1177c21f11bb215cada012f2d233e324b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DJiGZiXtpiATEkjY1RWKhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-DJiGZiXtpiATEkjY1RWKhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 21:55:14 GMT
expires
Tue, 12 Jul 2022 21:55:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
pagead2.googlesyndication.com/bg/ Frame 4901
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 05:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
57497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13978
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 05:56:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D828
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022070701&jk=366649011051637&bg=!4uGl4aXNAAaYcLjmuHA7ACkAdvg8WqGGiV_NmiJayl_-X7BXluBkgYMWS5RK9WZDQoQfAPanUYoNCgIAAABtUgAAAAJoAQcKACaU83jc_aTIEogdd5I27hcEJpPzf5706bReSYdOaosldxSfokPrQZkDAHIqHekDP5ftY0yeW5X9WVk1cCpz7FSJhyN06rJcPnEmmgZ-yp835bLQztR4Oegr6jadWv4K8EVC7mKGhC0jJIFfYaQMkiuAG2kadv2U2DZ4XQu51_HKFRxoQLBcVo6Yw8eRp9GzhD3qx4I4Pql7Jf_Equ0tePizGxpapaSNb6NPttppCjRwJGLxGOVYYVxfS65HmYyPyj3aH27NKsNkLfQh9-dc2L_i_2kstSq-Oazd7cIMP3MAyP4FwTz-ovJ4uXfprewv6XxdrRJIhBxTQh6SCQOEkZHh9o2cVMbJ3zA5D1K-w_8ECSLhJ2JCbtzlJsLbeXcdbHnEfXaUSrq80THwV7MIAejuduocp3WVEk3-K1e-0HbM7u85pDb7-CGGIHOhHV74pHeAsm9B2ECCVYcoXS_1FMe2S97xlL9sjGLMANYzJ2A4_g9c4cKIfVH34fGN6yHJesWA68B-6zjMY5u-KJywInKu0PYvr5cpWBgRCRDNvOiqevDHEIwB4a1AKK-a_o2DzugWjHhkTgdl5F8fF2xcjkvYz8feqjCdLtCgaOU7sPxanOEVswmgA-k96vidb87beZA3pN2No-bmLHrqz9pfxsBIP_ZnH5ddL7vTrPU-PfT33TXCdyBtaj59iF7uJJdd-GJgBT_ddxnkDwmZyvsiF_T4W-pE0ZGX28aPtgoy26ZCKzpbSpzlLv40SbQu04IYLxSBMluBFaJCEVoBHPDUrYo4tLUOFk8nLnTbIaUEGYRA5-CBV-M9HHODPg_VPk6-sJJtrw6gfy32kHbBckH7nlqn_VRbtMT5DDcqnFlS6kxrxu1K3gTytgC2ABAQFMqoO0X3BnRWrjCzUzR7uoqvEeNhpsPxZ3djKSh6Cps4JgPqOmSHKGU1CG3plu37l32AZQZ9337pfqRPkmn3Ok0nP1j_frrfZb5OaLXcYWcVMjtHNfZuGkMJeWdPAQ3mNzJ8OWbD0MuiGbazTdnp8FTCQEwTPpZXYJLip96TnGOneVao49ArdI-9s3HowA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame B8C4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022070701&jk=4221218155780829&bg=!Hh2lHVnNAAaYcLjmuHA7ACkAdvg8WukKG1O9AQWYunxOUPlwMb9vFGXMjtfR1th4KUHNa8XkMDPOvQIAAABmUgAAAAJoAQeZAvkEsluGk-FlMVtqys0eOSIz2b_tqzxm2XRy7eJ7gRfruZmZ8T1Kg3qUR3iBoZE4AFNhM9pxMHFJU8KMdfSTrCNoxZ2bCZGyVYf8mu173HwXKVpSq7_HhPXRsrcCn5X4NPK6i29GDEryFjX-wha_UyW0oKryNXmqwgs5-CvNSTRTPc29hTOLyshGmElLSWFy5t8iJmfiYz9_ShTrRENiSsZvnixAChk__2N3Sr27Kc1T801BWMyw1WatKAx-VmkXgG5I73vvyELMwUqF713TGGM1EWr4jcf2sCsLwizJfGHu5yAlWyAE9KApkck9IciAVYz-RYPImos2htjiSoeLDKcUAT6XQoDd0UG-4kY2LYwLIYiQkKY6L-njZ48BiL9UgISae-aVXmdLQ13b0c2GkkHuGmxnaKM38ZBcKM8dGNU3dbQBHnPxWAxh1X9xkzTHAzWv2ud0a6ONmq5UXhlBd9xDN1F4WcyHbjxhQHvhjeebbMr1NBUovTn7qVddc1zf_gaL_BsoYnjhWgppkwuzbEbL4JGR_fBJO1BaeuDd0kw-qvym8O8U_HdxT_-ZmQ0uFBVvdCOb_JrEE6U5YWMhl-sFo5okO0yaC6zVUCduxNgbbQsnEVtMhtB3jqe7slJU07g19M8zh8lM_4MIjTPeVxGX93zHcry6UO3xLSEknLexDvVnixakOXdHi7_sM_rsiMFGYXSI8QJr7E3X1iIrZpHKRqJRH8LXM-_w68KaCJ009gyJJ-iLtOPDY4tyr5ZoCD420aCx7V2zuAJY7Q7KxmrEYzDGgyojfnt0jQXOh6a984NMJ89U8Yq-L1a05lLplxjBc-rOqCRkFzCoU4lVWpyUAoyiWUGAetoI8oUKDdOkmsl-LxVF0RElSxZlcLP6I9HiJn0s9ncnoCGmxBPiudR5gHwzD2VNLorYvI8UfZz6WclL2JGV_V31ivK8ZjBWJTuiaQ-LqdhxTkumXBO2kGq_Xnkd4bKsF1tx1pHzqrvm2oumCh2JFpjaFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 08EF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=211708314825957&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 26DC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=4177307337193708&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
pagead2.googlesyndication.com/bg/ Frame BFC7
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 05:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
57497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13978
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 05:56:57 GMT
generate_204
tpc.googlesyndication.com/ Frame 4901
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?dkxyjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame BFC7
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?lVnALw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CCE8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstf4l-AOj69DkW6K6SPIN_VWSI7ZVTLHseSrYUGFUaxJ5Pg-IMPQ-LDCaF8R74pJUmvG1usTNLuKgv20w9ZHi3ptVM&sig=Cg0ArKJSzLA4v7dPvs53EAE&cid=CAASF-Ro5vAUbNTNdsDDMhRELWC31dFW4w98&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3645501049&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657662913829&rpt=437&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 463C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHoYvNgTTzVQ5p2kUal_2S__6CrmqWv9JQLnaSqjTlP7-rM5EA4Sr8U23Y6ytEPGRDzSRxBv-OImQ7QV1jSVijGE0&sig=Cg0ArKJSzB5wOSdGNTyDEAE&cid=CAASF-RoRdCc2X_kyoHJRh6qOmeuCyvvBmy-&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=727071374&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657662913899&rpt=396&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 21:55:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8928
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=211708314825957&bg=!qaqlqu7NAAaYcLjmuHA7ACkAdvg8WgkMUwqBrSFYbJmsK2aLIxq-1pn3kZVyi4k0UMyr3GVB7v9QbAIAAAB1UgAAAAJoAQeZAuWUtA8FSqZ3-3a5alRehjJhE7czZWgylKw4Ec6luv7VHxE52wPmbSVjtS-euHO-BpyLFbvrHLsW7omHuUzOQvIxuQQ46j1fFp4JqSha-AEXi4sRr_9V6Wc9bTlA37Gm08_YmDedHjDSv5BZOKAizmn22O7GL3w_8eube47cPakfmKNa-RyYNQw7zoZWvztqfMbt6MVTc9XF75_IT6TqIKRY3dhm0UH16Hao821Lgqlj6JK5fWnHeMkULXS9uwybZTstBShKhT5lwOohVKsKOhYhbPBV5aH3x4Ln3BHbkbsg77QC0y0738UZL5or8ySoR5dLLl3f4y2Fj4n7BDunqtXutdWu4sY2RQhyVWnTMWzhfTdpPbbPBIkI0LznWJ7soT9hPytEi4c1p0dppNGWZz7Wr29vMuy3lO3o-txp3Ok_uMft3Mf3GAwwolXMlMtZS4GWzAhaIPM5X-ycTMjoHYoSp-boAlzBmBTfRjyuohQkS_1Uc8GG5UZWLLQrCczs_R4rbbcf-NK5Jv8odTF-cV1SToAUDsAnko_yGfFESVULOxUH7ccU5Ri2nbZRbJ1DYFzM3Ihq4yVpomzzZwYmoMiXfaM-QmeHM2iSEqi00mvcL2iS89QEqDLkCEfc6RqRc3bYQ0bQnGL7gXobR5kou1n4KzklcQUK90Et-jq_rGLv-mCdRYXtAB9sVff0hwuAel48FEsTdeDI5kuw0IQdVmrN6Xa-Z2Bw0jp-q_tfnkd23oWfqX0YgBtFJ0P8m-6nzgDfIPHxd8HN_ccLp0PcUeQ2Q-fYQZZRgnkxRlLM643nUsYWQKTS1NBoeJsSaaLfDqgP2lqB8a-7_7INCENukhHJWSWqz1Bs0Ai_T53fJL3JmjxvBeAjZXVr2u0XH2PClWVJy4uYKep0nIMMIfuhWqfxR8GkHyWuKogc-IiJkIyR-8XjUcp0_toMz1lhMLrN1bMyeoNgjmrPk_AepigRqj7C-yVMuL0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 20CB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=4177307337193708&bg=!zM-lz4vNAAaYcLjmuHA7ACkAdvg8Wi56jlXEgcnPM6C9J-Y-J6kKn35VxNpKtGO0rOC4TomGkFOVmgIAAAB2UgAAAAFoAQcKAIYcIqZLlmk_vAypEp9AV7VWpuYyaL8pDdMlx1z8ekctxv5AllvkJEWK5xsvWE-IHfmcdNFTaIcWjHhy3eOQwSglkLWXXpr9D9-LAXupKtlwNGRVyAkcT9AEnZpS2dSoyU5ncfLCcnHYRLxFUTZXgV0Jvb3w2WEOzfXWN7psYCdBXdhlYNjT_pkC-ZQzj3ofQHtN47p1dP7MoyuUOtgrsSv96zwlTp1hVS0S-QSnvSf1-7djLoBmHtPdwjIF-syV9hrWXxiB3UMYpB2lUG1o05ZVLVHh768ko-P0NJ0g4gklGslFf8rOMSXHF4M0C1djR5RpwI1axd5wQNxQWi71c6JAlAwonvoFhiezfNI8zW-PqANAJF_AG5sg-ZYyaA01C27fqhHQKmW-sCyOzFEKuepd2gvcFIkza29s1FbzHKLO0orydDuU3a79pbXaHgQ11t4v1_7euKomEUMNGCk_vBgy4PS4F9XilWDNcBB0I8v39FfWx9Qs8LSMSnkxR5ZYTGHy3moUMRK4C3iVMnIT28rQt461Gc4BSPlqLZ041EE_rDsZQUK_pQhLUHTIPawP3XEzIrx8o1_hdOLDjTx9_kRpbCaI-OK_oAwFir2HJtCg7VgpWJRBUQxeMLuZxUD8hoLtJH-VzpsFnqOVPVmMubVde9Sla6FHJ0v9YxtifYfYi_LeTbJLaNb2dGlKlTJeLNwZAK9r6YbRKPcDIwp0yZQKMUJpNseDCirFD26e1EuX7WdtD4_eRowkXn_K8_D-xvHD4wfzV7mOCh1iGRNHiulZXc2iiSeIZP37n-0UlsjH_zLqnWDDTvK6anq8t4TDenw4PNARUmu-A5xJhQSykpngMoPxwvqaKmbf2gdvXjz3ET6uXq1FwkZGzA5QtnSTZdnWv-gz9GlwpRofjn3-knWEwSVZ90kSE4yhWfSMu9Itp7hhHVc18kdyGoEdsH7K_rCyBquM1ga0ZezM8L4DUTyHPXYN2ZjQntjARAnAydEQAWAjdMDq8YL84GrZ2R75HPggfF6LNAVgsg36jiLticG718cE6iPNelboE3Gck3Q11cBFKStT82l8JgmnDQPeDsyweUIDLK6Ulsq8YS6_N2luJ3U7SjT3sKLNpcAjlbSA1HH_4LXOMPu12bi0euXtlfG8ZmmLorhjDJwQphUqf8h8lm8CfDXuW4Y0lI4NXXBNBHIb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

7614616.jpg
img.scupio.com/ec/x/931/250/616/ Frame AAF0
6 KB
6 KB
Image
General
Full URL
https://img.scupio.com/ec/x/931/250/616/7614616.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/a7d82y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
355d7dd4feb018eaacf0f66eb95a8b090fc2a0e9e75d90f848c16cb38d340595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 21:55:12 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 07:20:56 GMT
server
nginx/1.12.1
age
4710
etag
"62cd20d8-1731"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
5937
x-amz-cf-id
jhT6wD5LLneuOEIUo8vT-MjvK6t0noHgkP5SyIiaJLoxnXM9ewWrZA==
expires
Wed, 13 Jul 2022 02:36:45 GMT
all
csm.eu.criteo.net/ Frame 3301
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lD7sEQcullyWXfF_i-IY_m-Oz0nIH1LER-mfsEnKsEPREMzTi3fabsx6Pu2NVtfUaLvg8pG4dAGBJho4loCWyoPC-OlfQeaA1vH7sw0oL16NvORv52zg9F-iYiLbYs_-YmIIY8MqF_b5yFRR_3zDIjve3BzUAx4-357ecvUw7ba9JYshWdEoxqs49iWKlS1CNo4kY_UDs54BBMPNEa4wwjPnsv92cj-cvuuKL8JAZ37rjdXP5Cwo_1atbZ8Zv-ZGeLJB-A&sds=2&rev=82042&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQAOMc4KGKuOAAHd6nG_7PjkNBaOQzHBbg&u=%7CgbXvUnTIjmxYqnIea1h%2B17RO7HQ%2BjkhQWVywWO5NG%2Bo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Be4v-TrJ1I3cJAqZSbGfWkBfS_sQD7RDB88qACK3RrnT-i6XPEFsN42VcrRTa2HTcUsNQbqFa3Bx0xF9KzDm2MF3HxQAYlgbwIrlB5WBJzyPjJhx0dfU8NBJU2qEQ3Dt9y8O0ZeE6BVuIHmwUwmaGRZBgs-OXouzNhpdwfAlD7eJ1uXAEIuzk73GxY0Y6jwGcdbkG8qhe9fwSy3ae0qP6Y4eARky9py1cZzalDkWJa8nW-G-8ncdr0ycoF3GFXxjIBOt3hr3KFx3gQZNHfISgBQ6epj2ZN5BC5xU25PTxr1fMYk7CwgWDmtKvJa7_ObPda-1dEiLiBZrt47BeOep4dGM-7i9YXsat3ofYhPLhQNfEGmp9S-NG-6HO-hzRkB0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5xYAwe3NYs7jOI7XYuq7h1DJntKxXNWdkfdwwI23ARABIABglYKxgrgHggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAdW20uoDyAEJqQJygqnEJ-SwPqgDAaoEqgFP0AGoAj1zAVYbAoIVoKqosOFduvsoLZfSqu3q9Wn4AdgmdCSV3Dc3RQtZf9sUzdcAtGfib-VAjPQmVfYcjCI5web3Aw0Q3gUxyXxJ15BFI2Z9sUhUfTtYbbY_gDgHuxhvt2XZc1HR99H17_NVXRLAceB3eJxRYJ1d3TgqIQRgPHLk8AC0WCuhKpuflSU2FVFC9PDU3IypupCZXpctggc7Vky7yV71f4_Vr4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HR42ql9YGLkrwSw0OfwXfqnkVEw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 12 Jul 2022 21:55:14 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 7F64
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=W-8ZNwcullyWXfF__Qx3xT0pfJ2Wrhlv6CeGs975tkzmstFZf0Twxp9D7jjvmr-l6pflNnwha5mnvf7scL37w2X1XDvQMaqkxvaxnwVKi1bZFMfezdL8WSr0F4ktyrr5zGIY_jKdxPboVyjrxMRy-T26jCuWlPg9cd0RKsJ-R3blFeFszzdMGuGkoqIzDuWYfWwR4JczfY4wridNzxUV9fcYCkmaHSJm_b9J-6CvvCf-EDj-8rEoyaz2PUSU2F4hhrsc0g&sds=2&rev=82042&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys3twQANiYMKGGYDAANAnd6tmykkqPeBV6Jsxg&u=%7CCmiiIZhd23Q9I9MUulsxggyO4M061lOUfBwyQk3FmD8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEttGy6HYLo44Q7wBABmby2W-T5O746N8P0q9kq_L8VKQv5jVSCUz2AXuPgoFJHy2jZu8sbvMU7Gm30qtzpVR-sYccEkLs8MP3noKBk1Cfb1UDI85EcCKZ6s7kNMzNCP0p3EUBr8OHjd3LDoL7zVXHF1PYfxP7ZRc66BNlSlPPnYfwkvHYwgRMLsr1Wyl0vn2yTacQy7_IvYUmj5ZT9QVK3ydcQ_XjW7E6xnXCSRDTQ8QCsbiMHz8WEtkYydXsvFlXlT93DZrDRGTHyOoJ8khucJVuc7iBLo4zHgmIAJcJ7ORVXOztnaxEOC4DbKHrCRXPEBLwwmQpBpiaifqs7BKIsPyHPpzSAciZT4r9ifcTOIXUWnY9sbRmNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtG8Bwe3NYoOTNoPMYZ2BjfAOyZ7SsVzVnZH3cMCNtwEQASAAYJWCsYK4B4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJygqnEJ-SwPqgDAaoEqwFP0PfSaHoXs9t1VkHokGNMw0ul7ebAu8DFo3hHo0vYmPTo6GzsIqIl7WP6OQ0YLbXm0HnR73GA5Ebx1xiXlYnaqQInq3q4JS2slCFK4cYPnYLxVNWuAIJq2ccuGYZgY0iqmTECEzwiw6wyeSfIw-vZA_14IGUjJTCg0DghBtLQUqLnuoMUpVd8USqbZD7b64hxdHfqH2kn4aueRi6ZeBqxU1TBihXUa6n-CtWABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0nzf1e3139oPOub3_K1ts4m9Jokw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 12 Jul 2022 21:55:15 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESELRYx7gnsARlH9aY5-sbbII&google_cver=1&google_push=AehlK4Anunmc7ddAALb4VSni7MpwAhaMh8R0D2VRwVg_Z5PBBIyXCzTQlvzEWVD7VM33Jyo7T7IANId3rKExM9dXbESxof7vgK4

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq function| Vue object| renews function| getRenewsFeeds string| labelToken string| category string| GoogleAnalyticsObject function| ga object| SD object| device function| sitemajiDebugger string| adUnitType object| Scupioads function| hasOwnProperty object| scupiosdk number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ElandTracker function| stfpjs function| cookie_mapping object| criteo_syncframe_state object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

47 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1657662910159.257589389
.reurl.cc/ Name: _ga
Value: GA1.2.506623428.1657662910
.reurl.cc/ Name: _gid
Value: GA1.2.208939267.1657662910
.reurl.cc/ Name: _gat
Value: 1
reurl.cc/ Name: CFFPCKUUID
Value: 5644-nHLgNnuMUZqx1UfsTsNykm1bfVCVrumL
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 2396-h52HJW4TZUhjRE083FyLZa2PSbzRa3CR
.holmesmind.com/ Name: P
Value: 422561-TMH65wljeJha70tf2m9XiR8m4WrDVzqz
.holmesmind.com/ Name: Vision
Value: 20220713-23:59,20220713-08,20220713-08,20220713-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.aralego.com/ Name: sspid
Value: f7ec386a-9b9b-45d8-bc34-9de591d01056
.hinet.net/ Name: uuid
Value: 218cad15-6387-4941-93c3-f36fad2a39e0
.c.appier.net/ Name: _auid
Value: N-xE0AqSDI-b2ph8v-3NYg
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: _ht_50ef57
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUncarDIzwD9oTJGn_pwLRVlRjfPGNHde3kJyGNGVC9n0D6FW9GrA7l1sf3oGbw
.holmesmind.com/ Name: fcm
Value: 1
.scupio.com/ Name: fxc
Value: 1
.criteo.com/ Name: uid
Value: e318b7aa-b491-469f-8465-f2e53f30e8c3
.reurl.cc/ Name: _ht_hi
Value: 1
.scupio.com/ Name: gx
Value: H4sIAEBezmIA%2fxNmYGDg4uZY8m%2fTsufTPlkJsAqxcNgLMAEAYq%2ffWhcAAAA%3d
.scupio.com/ Name: gxc
Value: 1
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/ Name: __htid
Value: 218cad15-6387-4941-93c3-f36fad2a39e0
.scupio.com/ Name: OrgKeyValue
Value: CKA20220713055512858852
.yahoo.com/ Name: A3
Value: d=AQABBMHtzWICED1LbTN6T2ft24GOBY9Wd_YFEgEBAQE_z2LXYgAAAAAA_eMAAA&S=AQAAAl57fYJ4srX04ZrCuCMxurc
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.reurl.cc/ Name: __gads
Value: ID=3cc102208e27bde4-225cf021cccd008f:T=1657662913:RT=1657662913:S=ALNI_MZUNffKHyNVxFLyrTiuCNybFQLiyQ
.reurl.cc/ Name: cto_bundle
Value: byD8H18xS0N2UVZDWXdyNnU0d1ByYnlIY3U4ekZSVHAlMkZIazNuRmhOSWdBTW05UnVUMVcxaW4lMkZsaWl4S1Nsbldtb2F2aGx6V1ZmUDh6UjZ0djRWb1dLQVlKUlduWkN5SzdYQnVZTG1RY3NQRXV3OUslMkZsJTJGZ2hJYlRtMmRuU2VqSVN4ZXQ5YXFYbFBUUGFVMjdUJTJCYkVDV1g4UkFBJTNEJTNE
.w55c.net/ Name: wfivefivec
Value: h0D1Oy3x1ObnQC5
.ctnsnet.com/ Name: cid_38af3f56b1544821800edef494d8f5af
Value: 1
.ctnsnet.com/ Name: gid_CAESENYpUJQKFIQ2Dku8t6Manc0
Value: 1
.simpli.fi/ Name: suid
Value: 0D83A353B7FB49278E551B318752CD43
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.casalemedia.com/ Name: CMID
Value: Ys3twjC9DFAk--CfUb.uvQAA
.casalemedia.com/ Name: CMPS
Value: 1203
.casalemedia.com/ Name: CMPRO
Value: 1203
.adform.net/ Name: uid
Value: 7932622963761251766
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 39ED0D70-A3F7-4CE5-9071-FEA03698F43C
.casalemedia.com/ Name: CMTS
Value: 5176
.sitescout.com/ Name: ssi
Value: 6aa20647-df23-4c8e-bc55-54cb4d8a93f8#1657662914481
.sitescout.com/ Name: _ssuma
Value: e30

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fa7d82y&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657662913708&bpp=12&bdt=551&idt=102&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8080358364842&frm=23&ife=1&pv=2&ga_vid=506623428.1657662910&ga_sid=1657662914&ga_hid=1049140368&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=622&biw=1600&bih=1200&isw=300&ish=250&ifk=292260424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C42531606%2C44764002&oid=2&pvsid=211708314825957&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.79slkodixdb3&fsb=1&dtd=120
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
