urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://s.id/yEtKk
Effective URL: https://reurl.cc/l0y1OA?001
Submission: On October 31 via api from LU — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 10 countries across 32 domains to perform 61 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 253061.
TLS certificate: Issued by R10 on September 14th 2024. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 193.84.85.178 59796 (STORMWALL-AS)
1 35.185.130.121 396982 (GOOGLE-CL...)
2 151.101.1.229 54113 (FASTLY)
3 34.149.98.30 396982 (GOOGLE-CL...)
1 216.58.206.40 15169 (GOOGLE)
3 142.250.185.194 15169 (GOOGLE)
3 222.230.178.143 2519 (VECTANT A...)
2 168.95.245.2 131660 (CHTCDN Da...)
13 172.217.18.14 15169 (GOOGLE)
2 216.239.32.181 15169 (GOOGLE)
1 108.177.15.156 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 65.9.66.104 16509 (AMAZON-02)
1 178.250.1.3 44788 (ASN-CRITE...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
4 107.178.241.176 15169 (GOOGLE)
1 157.240.0.35 32934 (FACEBOOK)
2 34.160.26.175 396982 (GOOGLE-CL...)
1 178.250.1.11 44788 (ASN-CRITE...)
1 172.217.16.130 15169 (GOOGLE)
1 222.230.178.141 2519 (VECTANT A...)
1 142.250.185.129 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 104.17.238.194 13335 (CLOUDFLAR...)
1 103.1.220.9 131149 (YUANJHEN-...)
1 192.0.78.24 2635 (AUTOMATTIC)
1 192.0.77.48 2635 (AUTOMATTIC)
1 99.86.4.79 16509 (AMAZON-02)
1 2 87.248.119.251 34010 (YAHOO-IRD)
1 1 52.49.89.142 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
1 3.122.214.165 16509 (AMAZON-02)
1 1 151.101.65.44 54113 (FASTLY)
61 33
1    193.84.85.178 (Russian Federation)

ASN59796 (STORMWALL-AS, SK)
s.id
1    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f8.1e100.net
www.googletagmanager.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
3    222.230.178.143 (Chiyoda-ku, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
cpt.geniee.jp
2    168.95.245.2 (Palo Alto, United States)

ASN131660 (CHTCDN Data Communication Business Group, TW)
PTR: 168-95-245-2.hinet-ip.hinet.net
ad-specs.guoshipartners.com
13    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net
www.google-analytics.com
fundingchoicesmessages.google.com
2    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net
stats.g.doubleclick.net
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
td.doubleclick.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
4    107.178.241.176 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 176.241.178.107.bc.googleusercontent.com
onead.onevision.com.tw
1    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
2    34.160.26.175 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.26.160.34.bc.googleusercontent.com
re-news.tw
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
pagead2.googlesyndication.com
1    222.230.178.141 (Chiyoda-ku, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
js.genieessp.com
1    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
ad6c1d081e331e483a51678e6013f626.safeframe.googlesyndication.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    104.17.238.194 (None, )

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    103.1.220.9 (Taiwan)

ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW)
PTR: 103-1-220-9.static.ip.net.tw
img.racingcharger.tw
1    192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
1    99.86.4.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-79.fra6.r.cloudfront.net
static.wixstatic.com
2    87.248.119.251 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    52.49.89.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-89-142.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
trc.taboola.com
Apex Domain
Subdomains		 Transfer
12 google.com
analytics.google.com — Cisco Umbrella Rank: 147
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
77 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
184 KB
4 onevision.com.tw
onead.onevision.com.tw — Cisco Umbrella Rank: 156204
2 KB
4 reurl.cc
reurl.cc — Cisco Umbrella Rank: 253061
storage.reurl.cc — Cisco Umbrella Rank: 363225
6 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
3 geniee.jp
cpt.geniee.jp — Cisco Umbrella Rank: 39537
60 KB
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1830
ups.analytics.yahoo.com — Cisco Umbrella Rank: 495
509 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
ad6c1d081e331e483a51678e6013f626.safeframe.googlesyndication.com
15 KB
2 re-news.tw
re-news.tw
31 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1011
bcp.crwdcntrl.net — Cisco Umbrella Rank: 976
13 KB
2 guoshipartners.com
ad-specs.guoshipartners.com — Cisco Umbrella Rank: 162165
23 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
58 KB
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 686
269 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
344 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 373
149 B
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 6375
1 MB
1 w.org
s.w.org — Cisco Umbrella Rank: 4537
731 B
1 creditcards.com.tw
creditcards.com.tw
58 KB
1 racingcharger.tw
img.racingcharger.tw
114 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 642433
82 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
115 KB
1 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 54462
159 B
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2648
1 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1183
7 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 776
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2261
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
132 KB
1 s.id
s.id — Cisco Umbrella Rank: 104103
159 B
0 alphaloan.co Failed
blog.alphaloan.co Failed
0 yimg.jp Failed
yads.c.yimg.jp Failed
61 32
Domain Requested by
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
4 onead.onevision.com.tw ad-specs.guoshipartners.com
reurl.cc
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
3 cpt.geniee.jp reurl.cc
cpt.geniee.jp
3 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
3 storage.reurl.cc reurl.cc
2 re-news.tw storage.reurl.cc
reurl.cc
2 analytics.google.com www.googletagmanager.com
2 ad-specs.guoshipartners.com reurl.cc
2 cdn.jsdelivr.net reurl.cc
1 trc.taboola.com 1 redirects
1 ps.eyeota.net reurl.cc
1 match.adsrvr.org reurl.cc
1 bcp.crwdcntrl.net 1 redirects
1 ups.analytics.yahoo.com reurl.cc
1 cms.analytics.yahoo.com 1 redirects
1 static.wixstatic.com reurl.cc
1 s.w.org reurl.cc
1 creditcards.com.tw reurl.cc
1 img.racingcharger.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 ad6c1d081e331e483a51678e6013f626.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 js.genieessp.com cpt.geniee.jp
1 pagead2.googlesyndication.com
1 gum.criteo.com static.criteo.net
1 www.facebook.com reurl.cc
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com reurl.cc
1 reurl.cc
1 s.id 1 redirects
0 blog.alphaloan.co Failed reurl.cc
0 yads.c.yimg.jp Failed cpt.geniee.jp
61 39

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R10		 2024-09-14 -
2024-12-13		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
storage.reurl.cc
WR3		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.geniee.jp
GeoTrust TLS RSA CA G1		 2024-07-30 -
2025-08-30		 a year crt.sh
ad-specs.guoshipartners.com
Go Daddy Secure Certificate Authority - G2		 2024-01-02 -
2025-01-21		 a year crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
oa.openxcdn.net
WR3		 2024-09-16 -
2024-12-15		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
invstatic101.creativecdn.com
WR3		 2024-10-15 -
2025-01-13		 3 months crt.sh
onead.onevision.com.tw
R10		 2024-09-18 -
2024-12-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-10 -
2024-11-08		 3 months crt.sh
wp.re-news.tw
WR3		 2024-09-06 -
2024-12-05		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-16 -
2024-11-26		 a year crt.sh
gbyhn.com.tw
WE1		 2024-09-10 -
2024-12-09		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2024-08-22 -
2024-11-20		 3 months crt.sh
tls.automattic.com
E6		 2024-10-13 -
2025-01-11		 3 months crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2023-12-18 -
2025-01-17		 a year crt.sh
*.wixstatic.com
R11		 2024-09-09 -
2024-12-08		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2024-04-02 -
2025-04-07		 a year crt.sh

This page contains 7 frames:

Primary Page: https://reurl.cc/l0y1OA?001
Frame ID: C23D9B1DEC768FC8261A196C02B81E3E
Requests: 55 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-N394QBRGC0&gacid=723090709.1730411394&gtm=45je4au0v897965293za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101899378~101925629&z=1616157405
Frame ID: 51FD7FB2467BBF539FCE9C5C81B9C795
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 1D77F661E22A6A4CEEA5025D7E37FCB1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: A4D2221649E0B3F4AC211A9B51A355E1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc&gdpr=0&gdpr_consent=
Frame ID: CBBE752FC5381FE38D8BFCAD446B28DA
Requests: 1 HTTP requests in this frame

Frame: https://js.genieessp.com/t/562/614/a1562614.js
Frame ID: AF9F239DBD22061740579CBF9A0668D7
Requests: 1 HTTP requests in this frame

Frame: https://ad6c1d081e331e483a51678e6013f626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5412440AAF6B93868101F8AF8B434AD4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

  1. http://s.id/yEtKk HTTP 307
    https://s.id/yEtKk HTTP 302
    https://reurl.cc/l0y1OA?001 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

61
Requests

89 %
HTTPS

0 %
IPv6

32
Domains

39
Subdomains

33
IPs

10
Countries

2075 kB
Transfer

3364 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://s.id/yEtKk HTTP 307
    https://s.id/yEtKk HTTP 302
    https://reurl.cc/l0y1OA?001 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://cms.analytics.yahoo.com/cms?partner_id=OneDATA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
Request Chain 51
  • https://bcp.crwdcntrl.net/map/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id} HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/ltm?id=
Request Chain 54
  • https://trc.taboola.com/sg/onedata/1/cm HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/taboola?id=d74c014b-57dd-4c28-9dc8-2553e81c3cb9-tucte1d8105

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request l0y1OA
reurl.cc/
Redirect Chain
  • http://s.id/yEtKk
  • https://s.id/yEtKk
  • https://reurl.cc/l0y1OA?001
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8d4f5366aec3c23302eb6db9462cfa37a10cfce55b8ef47f1132db1458db4ddd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 21:49:53 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding Origin
x-request-id
629b2f8e-063d-4a49-b18c-eacf40c5063a

Redirect headers

cache-control
private, max-age=3
content-length
0
date
Thu, 31 Oct 2024 21:49:52 GMT
location
https://reurl.cc/l0y1OA?001
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
age
3568501
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 21:49:53 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230028-FRA, cache-mxp6972-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
25648
x-jsd-version
4.3.1
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-request-id
493f0d96-439e-44ef-82f2-af2ba3f73c60
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
14345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 17:50:48 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
904
ga2.js
storage.reurl.cc/javascripts/ 		536 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-request-id
f711655c-ac4c-4db6-8204-6423fa7aa974
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
age
18442
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
date
Thu, 31 Oct 2024 16:42:31 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
js
www.googletagmanager.com/gtag/ 		407 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ca5e6d74d9555db69e4ca97dfe95693d753bc1d9c5c9a62d38855ab6c6d4a76b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 31 Oct 2024 21:49:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134590
x-xss-protection
0
server
Google Tag Manager
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
de6a85e529e849fe2d1ca4d7c3747742564145c2595352af34f98ee4b79f0f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
br
etag
914 / 20027 / m202410280101 / config-hash: 6054405138366823639
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 21:49:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 31 Oct 2024 21:49:54 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34169
x-xss-protection
0
server
cafe
wrapper.min.js
cpt.geniee.jp/hb/v1/219632/1441/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.143 Chiyoda-ku, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
019f52ca21eb116613dd1cc2e03defa2e5171dbdb1427c0474b826175ba0cddb

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
max-age=3600, private
content-encoding
gzip
etag
W/"672372bc-2afb"
cross-origin-resource-policy
cross-origin
expires
Thu, 31 Oct 2024 22:49:54 GMT
date
Thu, 31 Oct 2024 21:49:54 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 12:06:20 GMT
server
nginx
ad-serv.min.js
ad-specs.guoshipartners.com/static/js/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.95.245.2 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-2.hinet-ip.hinet.net
Software
HiNetCDN / OneAD
Resource Hash
83c51e0b9cbe44fde3954195f94ccf5b57278cf5f7cc519dbba8c8dff1861985

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
br
etag
W/"67204d3b-c023"
age
0
x-varnish
28421796
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 29 Oct 2024 02:49:31 GMT
cache-control
public, max-age=360
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
*
x-powered-by
OneAD
server
HiNetCDN
onead-lib.min.js
ad-specs.guoshipartners.com/static/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/onead-lib.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.95.245.2 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-2.hinet-ip.hinet.net
Software
HiNetCDN / OneAD
Resource Hash
ad2cb9e471fc4180c2d8454487bd2da9f66564e74136111694186a24eda2e89b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
br
etag
W/"6715fb65-5ba1"
age
0
x-varnish
29628756
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Mon, 21 Oct 2024 06:57:41 GMT
cache-control
public, max-age=360
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
*
x-powered-by
OneAD
server
HiNetCDN
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
age
768848
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 21:49:53 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230020-FRA, cache-mxp6972-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
33184
x-jsd-version
2.5.16
renews.js
storage.reurl.cc/javascripts/ 		404 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
22743d9dc93a38d7096ec7c9a02146da7a721ada15192d87e81d78ff53cb2f2a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-request-id
ce001f7c-f563-41dd-ae38-5e07b18ba592
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
9364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 19:13:49 GMT
last-modified
Tue, 09 Jul 2024 09:45:35 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
282
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
gzip
age
1419
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 23:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1464258602&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&ul=it-it&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=479469912&gjid=292720565&cid=723090709.1730411394&tid=UA-102456694-1&_gid=1763618998.1730411394&_r=1&_slc=1&z=1412557170
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/l0y1OA?001

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:54 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
www.google-analytics.com/ 		35 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1464258602&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&ul=it-it&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=723090709.1730411394&tid=UA-102456694-1&_gid=1763618998.1730411394&z=1194016803
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

age
24625
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 14:59:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/ 		483 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
br
etag
2396380646379452942
age
27764
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 14:07:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 31 Oct 2024 14:07:10 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
153075
x-xss-protection
0
server
cafe
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je4au0v897965293za200&_p=1730411393837&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101899378~101925629&cid=723090709.1730411394&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730411394&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3463
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
549 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=723090709.1730411394&gtm=45je4au0v897965293za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101823848~101878899~101878944~101899378~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 51FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-N394QBRGC0&gacid=723090709.1730411394&gtm=45je4au0v897965293za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101899378~101925629&z=1616157405
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/l0y1OA?001
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 21:49:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
yads-async.js
yads.c.yimg.jp/js/ 		0
0
gnshbrequest-v4.6.6.js
cpt.geniee.jp/hb/v1/lib/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.6.6.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.143 Chiyoda-ku, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
7c741d8c72a9e2def60f2898fac17bb5cb04d629f17228590ad0b13481c31cf4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
max-age=86400, private
content-encoding
gzip
etag
W/"671a1476-268e9"
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Nov 2024 21:49:54 GMT
date
Thu, 31 Oct 2024 21:49:54 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 09:33:42 GMT
server
nginx
128002626
fundingchoicesmessages.google.com/i/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/128002626?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
e607f6886e6ba44979975dc954230def06cb6eb7943187a8fe4b6fcbd1e10c38
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-42gLfXGEMzDRbwcs8JiaGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4mr_372QTOLD6ez-jkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmhgbGBnoFBfIEBAIiCQAY"
content-security-policy
script-src 'report-sample' 'nonce-42gLfXGEMzDRbwcs8JiaGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
policy-check
cpt.geniee.jp/hb/v1/ 		12 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/policy-check?loc=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&list_id=mid-219632&gam_id=gam-424536528%2Cgam-0
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.6.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.143 Chiyoda-ku, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

access-control-allow-origin
*
cache-control
max-age=10800, private
content-length
12
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
application/json
server
nginx
cross-origin-resource-policy
cross-origin
AGSKWxVNWTMyeZm2-1Dz1cPy0LmPf2gFwtXq4LfYD5t7pGvc7F8SZzGtncbWCEO331fBqI4_Ig6i7qTlSwnLrMu3aqtX73PUj_qIqj31n7DSKlSJp_vkHOFmq5y77hQFClTG-TTjkh7Z-w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVNWTMyeZm2-1Dz1cPy0LmPf2gFwtXq4LfYD5t7pGvc7F8SZzGtncbWCEO331fBqI4_Ig6i7qTlSwnLrMu3aqtX73PUj_qIqj31n7DSKlSJp_vkHOFmq5y77hQFClTG-TTjkh7Z-w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNDExMzk1LDU1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZXVybC5jYy9sMHkxT0EiLG51bGwsW1s4LCJZc2dPT2N0dWtySSJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyHXTpfTepiah7Gkkg96izkHa2J-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
b492f33670309d314046994ab3366e276cce4a8b8cd83ff0e5b88bcd1f8156fa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DfPy-TwAldbbS2b_vfxsig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4mr_372QTOLBu1wImJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDA2MDPQOD-AIDAIPaP-I"
content-security-policy
script-src 'report-sample' 'nonce-DfPy-TwAldbbS2b_vfxsig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 1D77 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/l0y1OA?001
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

accept-ranges
bytes
age
571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29488
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 21:40:25 GMT
expires
Thu, 31 Oct 2024 22:30:25 GMT
last-modified
Mon, 28 Oct 2024 19:44:21 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
756479
x-goog-stored-content-encoding
gzip
expires
Thu, 23 Oct 2025 03:41:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Wed, 23 Oct 2024 03:41:56 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AHmUCY3U4AVhwADiL4fQs5_f64WzF3fe5uokvESd7tPAvzHh_Qy2huxI07a9_ZRXayrZBjItqyg5DcU50w
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0996942afd9a0f201960aa9c55af925d0e2382b01e40bfdcdc7c1e4c7b5a089

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"4a385df4045c9db00ad295e7c0ca65d1"
age
2388
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
n5LGwJ45by20pk5x5W-mGQZL4GKcS77lYjw1isLelwGbwY0EjvWlvg==
date
Thu, 31 Oct 2024 21:10:08 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Nov 2024 21:49:56 GMT
access-control-allow-origin
*
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
ob.js
cdn-ima.33across.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a7174-43df"
age
13374
cf-ray
8db6db972cccbaa0-MXP
expires
Sun, 03 Nov 2024 21:49:55 GMT
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 16:10:28 GMT
vary
Accept-Encoding
server
cloudflare
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

etag
cd19e0900da0cdbc6697310fd9330fb6
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
x-cloud-trace-context
3ae70476382aebdd03ef6945be381e88
AGSKWxWpS-NMoCS-RHVA5UNWAXMvPvnaB0-bI2fxBWaXq6M6giRNZpwHl5XToC145b-tCLxUFh9kEBfw4EGXMVDWI3zH88DbHulFEs74bQsXkxv3s8dtsaY5-_v0-gdjxhShBnUfkDSQsg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWpS-NMoCS-RHVA5UNWAXMvPvnaB0-bI2fxBWaXq6M6giRNZpwHl5XToC145b-tCLxUFh9kEBfw4EGXMVDWI3zH88DbHulFEs74bQsXkxv3s8dtsaY5-_v0-gdjxhShBnUfkDSQsg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNDExMzk1LDYzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsIml0Il0sImh0dHBzOi8vcmV1cmwuY2MvbDB5MU9BIixudWxsLFtbOCwiWXNnT09jdHVrckkiXSxbOSwiaXQiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyHXTpfTepiah7Gkkg96izkHa2J-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
7f9965977cadbcbf049bf4cd91e55899d0e20588c107915ce5300c82ddbb0f4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NaxCTNj1q_C8wC5tWYk3Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:55 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4mr_372QTeLHv7hEmJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDA2MDPQOD-AIDAJ11QGY"
content-security-policy
script-src 'report-sample' 'nonce-NaxCTNj1q_C8wC5tWYk3Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
oid
onead.onevision.com.tw/v2/et/ 		372 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/et/oid?cb=window.text_etag_callback_4w6w4
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
12899e0bc51a75ae5557d58322293bd3618127e4d5652e62132924f62bfad9fa

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-onead-version
1669ce8e
etag
117656d3-97d2-11ef-921a-0242ac120002
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
914832996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 21:49:56 GMT
cache-control
max-age=600
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
372
x-onead-backend
onead-http-event-kh4x-gohttp
server
gws
x-powered-by
OneAD
page.php
www.facebook.com/plugins/ Frame A4D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/l0y1OA?001
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 21:49:56 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432060354535876128"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432060354535876128", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1288, tbw=2898, tp=-1, tpl=-1, uplat=146, ullat=0
x-fb-debug
MpjuBO/MuXCLGX9+l4vIMb5mLcoKDG8alnmHGV60BHVZVlal67RvubZdiCdE32Aegeaq352bniKvN8LbcRZduw==
x-xss-protection
0
feeds
re-news.tw/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.26.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.26.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8c7a349cb65c12304510df593eefa255d44c2950db757a944d840c0da978154c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
public,max-age=3600
etag
W/"1975-KWMBbUS3CHvACT4YoqbgUnljG3s"
age
8467
via
1.1 google
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6517
date
Thu, 31 Oct 2024 19:28:49 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
vary
Origin
syncframe
gum.criteo.com/ Frame CBBE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/l0y1OA?001
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 21:49:56 GMT
server
Kestrel
server-processing-duration-in-ticks
352891
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
virtuagirlhd.
fundingchoicesmessages.google.com/f/AGSKWxUvysF7DASwGCovLX5vfllbDlUuVVBhZ3JaLEBRN63vyW7SPETVn-hOUUyc5YgjEclpxl4qVkV4Mn_MTLvmbx-UevKdALJGIRIVZ0sGeN0fs5wug8Z8wZ1XF_7eo6UP7zOVQAfy376D0j9wJduawG-Bj0Qw-... 		54 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUvysF7DASwGCovLX5vfllbDlUuVVBhZ3JaLEBRN63vyW7SPETVn-hOUUyc5YgjEclpxl4qVkV4Mn_MTLvmbx-UevKdALJGIRIVZ0sGeN0fs5wug8Z8wZ1XF_7eo6UP7zOVQAfy376D0j9wJduawG-Bj0Qw-z-JHxJzPkiIoJTBQlgUt1efPpIJDLJF/_=adreplacementWrapperReg.-advertisement_&adslot=/slider_ad./virtuagirlhd.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMysc8AiQccFCAB1dk3CDky-gVbrvA/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
9699944fbbc6738cf52022007429dd493e34a23f70e348b001a1ac2d7dd9af8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Z3bobwAJ7SyqtDXV7fsq_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4Wr7372QTOLHswyZGJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDA2MDPQOD-AIDAJEeQCs"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Z3bobwAJ7SyqtDXV7fsq_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMysc8AiQccFCAB1dk3CDky-gVbrvA/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
369b0c21906fdd75d4370af92e7f46c9b494a3f7b8c0bde8ef47aaf480a73145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
br
etag
16970699533094014674
age
2567
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 22:07:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 31 Oct 2024 21:07:09 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
15115
x-xss-protection
0
server
cafe
AGSKWxX_cOhsWae_rku4u_tu1aUQzSyS87jEXkOgJ4ZUJzLROEcGmRnCGFMNgVRjnFhoDKppWSiu3ij8Vx_HBN-nv66kX8chh_PD1HqnKS43HxfBfaXSKq5hORH7TNfb41Frw_sh15OrBw==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_cOhsWae_rku4u_tu1aUQzSyS87jEXkOgJ4ZUJzLROEcGmRnCGFMNgVRjnFhoDKppWSiu3ij8Vx_HBN-nv66kX8chh_PD1HqnKS43HxfBfaXSKq5hORH7TNfb41Frw_sh15OrBw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyHXTpfTepiah7Gkkg96izkHa2J-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Pcu3ze90YjBRblxLA39lwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/l0y1OA?001

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uFo-d6_k03gw_aDXcxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTQwNhAz8A4vsAAAD82KO8"
content-security-policy
script-src 'report-sample' 'nonce-Pcu3ze90YjBRblxLA39lwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
a1562614.js
js.genieessp.com/t/562/614/ Frame AF9F 		0
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/562/614/a1562614.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.6.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.141 Chiyoda-ku, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-length
0
warning
199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
date
Thu, 31 Oct 2024 21:49:57 GMT
content-type
text/plain
server
nginx
cross-origin-resource-policy
cross-origin
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
container.html
ad6c1d081e331e483a51678e6013f626.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5412 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad6c1d081e331e483a51678e6013f626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/l0y1OA?001
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 21:49:56 GMT
expires
Thu, 31 Oct 2024 21:49:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxX_cOhsWae_rku4u_tu1aUQzSyS87jEXkOgJ4ZUJzLROEcGmRnCGFMNgVRjnFhoDKppWSiu3ij8Vx_HBN-nv66kX8chh_PD1HqnKS43HxfBfaXSKq5hORH7TNfb41Frw_sh15OrBw==
fundingchoicesmessages.google.com/el/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_cOhsWae_rku4u_tu1aUQzSyS87jEXkOgJ4ZUJzLROEcGmRnCGFMNgVRjnFhoDKppWSiu3ij8Vx_HBN-nv66kX8chh_PD1HqnKS43HxfBfaXSKq5hORH7TNfb41Frw_sh15OrBw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyHXTpfTepiah7Gkkg96izkHa2J-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B1qcr6L7smhk2OeRW0T8Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/l0y1OA?001

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uFo-d6_k02gYcaeLmYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJoYGygZ2AcX2AAAA0DKEs"
content-security-policy
script-src 'report-sample' 'nonce-B1qcr6L7smhk2OeRW0T8Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
adsrv
onead.onevision.com.tw/v2/ 		176 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/adsrv?version=20240208&uid=1000480&category=-1&cookie=true&ip=&guid=117656e7-97d2-11ef-921a-0242ac120002&channel=0&volume=0.5&r=&ad_id=&response_freq_multiple=native-drive.0&web_location=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&title=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&fp=d34430425065c05a026b3bbe63cb313b&_t=1730411396539&cb=ONEAD_text_response_4w6w4&pb=0&spid=&bgid=0
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
03df1555d030231f5f532d789d303f011771ca6194c6b5f509b37237abacd5a3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-onead-version
1669ce8e
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
439500150
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-onead-guid
117656e7-97d2-11ef-921a-0242ac120002
x-onead-force-backend
false
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
176
x-onead-hit-counter
1
x-onead-backend
onead-http-query-jt02-gohttp
server
gws
x-powered-by
OneAD
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.26.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.26.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
public,max-age=3600
etag
W/"5fad-191b5b37a20"
age
4270
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24493
date
Thu, 31 Oct 2024 20:38:46 GMT
last-modified
Tue, 03 Sep 2024 02:25:24 GMT
x-powered-by
Express
content-type
image/png
1730400168-9f51552b11f9d48d1aa47638aceefcfb-840x525.jpg
img.gbyhn.com.tw/2024/11/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2024/11/1730400168-9f51552b11f9d48d1aa47638aceefcfb-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62100a652872d1ae8913c30b58033cd84645d1ad8e16d07c07ac1b2fe35fd35b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cf-cache-status
HIT
age
8757
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OivtREppN5UVubmml2UAqCKrzUnToyvc3n%2FiljAe5OXvmpfVB1O7XGsYUASk0%2FTKIdTtq6ymuH1wHImHm8rwD23rEvsWcrRLejLS%2BIJJ5%2FlyU6YF3ZhUepAbj4LU6RuGc4TM"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 19:10:12 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19035&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3946&recv_bytes=2249&delivery_rate=150749&cwnd=223&unsent_bytes=0&cid=44270cbc1fb7f4ac&ts=202&x=0"
date
Thu, 31 Oct 2024 21:49:57 GMT
content-type
image/jpeg
last-modified
Thu, 31 Oct 2024 18:42:49 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db6dba14bd13763-MXP
accept-ranges
bytes
content-length
117066
x-turbo-charged-by
LiteSpeed
server
cloudflare
D32_1.jpg
mma.prnasia.com/media2/2541713/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2541713/D32_1.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.238.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
708ab5386b21ba412bc86229678bff5793a7750b6a78db1874989bf9eb58a620

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
22142
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 31 Oct 2024 15:01:11 GMT
server-timing
intid;desc=cfa1b09e16672334
date
Thu, 31 Oct 2024 21:49:57 GMT
content-type
image/jpeg
last-modified
Thu, 31 Oct 2024 15:01:10 GMT
vary
*, Accept-Encoding
access-control-allow-headers
Content-Type
cache-control
public, max-age=0
cf-ray
8db6dba14807baa5-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
83709
x-powered-by
ASP.NET
server
cloudflare
202410300441124.jpg
img.racingcharger.tw/wp-content/uploads/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/202410300441124.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.1.220.9 , Taiwan, ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW),
Reverse DNS
103-1-220-9.static.ip.net.tw
Software
Apache /
Resource Hash
9a2b5f9dd8e09ea07c8ea2f66713d37a5236063e73c26d4cb9a7f6586aebd3f9

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

accept-ranges
bytes
content-length
116891
date
Thu, 31 Oct 2024 21:49:57 GMT
last-modified
Wed, 30 Oct 2024 04:41:17 GMT
content-type
image/jpeg
server
Apache
%E7%8E%89%E5%B1%B1-Unicard%EF%BC%8C%E6%8C%87%E5%AE%9A%E7%99%BE%E5%A4%A7%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%98-3-%E5%9B%9E%E9%A5%8B-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2024/08/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2024/08/%E7%8E%89%E5%B1%B1-Unicard%EF%BC%8C%E6%8C%87%E5%AE%9A%E7%99%BE%E5%A4%A7%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%98-3-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67020d53a6eb93ece55fc99b8f7cbbce497ff4588a15a4f6f3252eb168742dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

etag
"00f02e17b6fd1b29"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Fri, 30 Oct 2026 21:15:58 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
image/webp
last-modified
Wed, 30 Oct 2024 09:15:58 GMT
vary
Accept
strict-transport-security
max-age=31536000
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 4
access-control-allow-origin
*
content-length
58520
x-ac
3.mxp _atomic_ams HIT
server
nginx
1f449.png
s.w.org/images/core/emoji/15.0.3/72x72/ 		423 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/15.0.3/72x72/1f449.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
max-age=315360000
x-nc
HIT mxp 1
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
423
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
image/png
last-modified
Tue, 30 Jan 2024 01:18:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
file.png
static.wixstatic.com/media/8d2acb_14291b4e7dcf40f1a7a32791a67c437a~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/8d2acb_14291b4e7dcf40f1a7a32791a67c437a~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
b43f6d9c4351cdad9448aa37c154912fefe6e9cf659cfa2efba5913602815b88

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-amz-cf-id
cli92JwgVnQ92g-sMN0IJYsMQpYnhgSlaPtMecPvB6uHqg27fnu6nw==
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
age
4434181
via
1.1 google, 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-seen-by
image-manipulator-6648f57487-hc4w5
content-length
1075283
alt-svc
h3=":443"; ma=86400
date
Tue, 10 Sep 2024 14:06:56 GMT
content-type
image/png
x-cache
Hit from cloudfront
server
openresty/1.21.4.1
x-amz-cf-pop
FRA6-C1
wix-tracer
2lsmZt5dnM21OINTQfN0tfd1pyO
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		0
0
cms
ups.analytics.yahoo.com/ups/58791/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=OneDATA
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
0
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 31 Oct 2024 21:49:57 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
cache-control
no-store
location
https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
content-length
257
date
Thu, 31 Oct 2024 21:49:57 GMT
content-type
text/html
content-language
en
server
ATS
ltm
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id}
  • https://onead.onevision.com.tw/v2/pixel/ltm?id=
170 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/pixel/ltm?id=
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Server
107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-onead-version
1669ce8e
x-vendor
ltm
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
786031623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 31 Oct 2024 21:49:57 GMT
content-type
image/png
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
x-status
okay
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
170
x-onead-backend
onead-http-event-kh4x-gohttp
server
gws
x-powered-by
OneAD

Redirect headers

cache-control
no-cache
location
https://onead.onevision.com.tw/v2/pixel/ltm?id=
pragma
no-cache
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Thu, 31 Oct 2024 21:49:57 GMT
x-server
10.45.24.22
server
Jetty(9.4.38.v20210224)
generic
match.adsrvr.org/track/cmf/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=r1jlltl&ttd_tpi=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-length
70
date
Thu, 31 Oct 2024 21:49:57 GMT
content-type
image/gif
server
Kestrel
pixel
ps.eyeota.net/ 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=3m51m51&uid=117656e7-97d2-11ef-921a-0242ac120002&t=ajs
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

Content-Length
0
Date
Thu, 31 Oct 2024 21:49:57 GMT
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
taboola
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://trc.taboola.com/sg/onedata/1/cm
  • https://onead.onevision.com.tw/v2/pixel/taboola?id=d74c014b-57dd-4c28-9dc8-2553e81c3cb9-tucte1d8105
170 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/pixel/taboola?id=d74c014b-57dd-4c28-9dc8-2553e81c3cb9-tucte1d8105
Requested by
Host: reurl.cc
URL: https://reurl.cc/l0y1OA?001
Protocol
H2
Server
107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

x-onead-version
1669ce8e
x-vendor
taboola
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
392930094
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 31 Oct 2024 21:49:57 GMT
content-type
image/png
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
x-vendor-client-id
d74c014b-57dd-4c28-9dc8-2553e81c3cb9-tucte1d8105
x-status
okay
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
170
x-onead-backend
onead-http-event-sm2l-gohttp
server
gws
x-powered-by
OneAD

Redirect headers

x-fastly-to-nlb-rtt
67624
location
https://onead.onevision.com.tw/v2/pixel/taboola?id=d74c014b-57dd-4c28-9dc8-2553e81c3cb9-tucte1d8105
x-timer
S1730411397.397195,VS0,VE69
x-vcl-time-ms
69
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
0
date
Thu, 31 Oct 2024 21:49:57 GMT
x-service-version
v1
server
nginx
x-cache-hits
0
x-served-by
cache-mxp6983-MXP
AGSKWxX_cOhsWae_rku4u_tu1aUQzSyS87jEXkOgJ4ZUJzLROEcGmRnCGFMNgVRjnFhoDKppWSiu3ij8Vx_HBN-nv66kX8chh_PD1HqnKS43HxfBfaXSKq5hORH7TNfb41Frw_sh15OrBw==
fundingchoicesmessages.google.com/el/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_cOhsWae_rku4u_tu1aUQzSyS87jEXkOgJ4ZUJzLROEcGmRnCGFMNgVRjnFhoDKppWSiu3ij8Vx_HBN-nv66kX8chh_PD1HqnKS43HxfBfaXSKq5hORH7TNfb41Frw_sh15OrBw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyHXTpfTepiah7Gkkg96izkHa2J-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EGGo8l4G_VMKwR16HFQ37w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/l0y1OA?001

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uFo-d6_k03gRlvfaWYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJoYGygZ2AcX2AAACzhKLI"
content-security-policy
script-src 'report-sample' 'nonce-EGGo8l4G_VMKwR16HFQ37w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX_cOhsWae_rku4u_tu1aUQzSyS87jEXkOgJ4ZUJzLROEcGmRnCGFMNgVRjnFhoDKppWSiu3ij8Vx_HBN-nv66kX8chh_PD1HqnKS43HxfBfaXSKq5hORH7TNfb41Frw_sh15OrBw==
fundingchoicesmessages.google.com/el/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_cOhsWae_rku4u_tu1aUQzSyS87jEXkOgJ4ZUJzLROEcGmRnCGFMNgVRjnFhoDKppWSiu3ij8Vx_HBN-nv66kX8chh_PD1HqnKS43HxfBfaXSKq5hORH7TNfb41Frw_sh15OrBw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyHXTpfTepiah7Gkkg96izkHa2J-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SB56GB-pwNoNtErIPw2mYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/l0y1OA?001

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uFo-d6_k03gQtOa08xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTQwNhAz8A4vsAAADAvKMA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SB56GB-pwNoNtErIPw2mYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
AGSKWxW10i9pBFg5yeEw_20lu2fbQHuYOubWUpApNIpmXbfKLKYA80745WlLiPP2sXBDzkEag5edDTKdC82dDevNuOxNfNwz71lGSbeML62ZIN56m_yMDSafEcdX6ilQrlJ5nJUDE81doQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW10i9pBFg5yeEw_20lu2fbQHuYOubWUpApNIpmXbfKLKYA80745WlLiPP2sXBDzkEag5edDTKdC82dDevNuOxNfNwz71lGSbeML62ZIN56m_yMDSafEcdX6ilQrlJ5nJUDE81doQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNDExMzk2LDkzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiaXQiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yZXVybC5jYy9sMHkxT0EiLG51bGwsW1s4LCJZc2dPT2N0dWtySSJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyHXTpfTepiah7Gkkg96izkHa2J-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
65943f153bb2899cabdd042834e66dd8dc495974c1a079081849cd544856f93d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-htOMVobTFOlVjQvQE5DVBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:56 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw05BiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OFq-9-9kE-hobbvFrKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGBsoGdgEF9gAACbiUSd"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-htOMVobTFOlVjQvQE5DVBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxV39_8Q52jmhZnPZYii6705TMU0K90jUIWugMPb7mvLw1VoU1Hxko4fiFuWUIH2mFJE0Rmg-DpYtx0BMrjaXmleltDZcszhx070kOKjwAMW5inCbCwBjlwKcnaIfO2GsPjqK6VphA==
fundingchoicesmessages.google.com/el/ 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV39_8Q52jmhZnPZYii6705TMU0K90jUIWugMPb7mvLw1VoU1Hxko4fiFuWUIH2mFJE0Rmg-DpYtx0BMrjaXmleltDZcszhx070kOKjwAMW5inCbCwBjlwKcnaIfO2GsPjqK6VphA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyHXTpfTepiah7Gkkg96izkHa2J-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C1MyrEHCgs5dcO6bdwjFyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/l0y1OA?001

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:57 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uZo_d6_k01gxeZ3okouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDA2EDPwDi-wAAAAw0oVA"
content-security-policy
script-src 'report-sample' 'nonce-C1MyrEHCgs5dcO6bdwjFyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je4au0v897965293za200&_p=1730411393837&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101899378~101925629&cid=723090709.1730411394&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730411394&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=8&tfd=8472
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Referer
https://reurl.cc/l0y1OA?001

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 21:49:59 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yads.c.yimg.jp
URL
https://yads.c.yimg.jp/js/yads-async.js
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2158615155466043&correlator=1885466707906091&eid=31086815%2C31088371%2C31088487%2C95345696&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fifs&gdpr=0&iu_parts=424536528%3A23034994296%2C1562610_reurl_300x250_responsive_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x250%7C200x200%7C250x250&fluid=height&ifi=1&didk=421691983&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1730411396385&lmt=1730411396&adxs=245&adys=248&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&vis=1&psz=1110x0&msz=1110x0&fws=0&ohw=0&td=1&egid=43987&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730411393269&idt=1479&prev_scp=cpt%3Dtrue%26cptver%3D4.6.6%26slotdiv%3D1562610_reurl_300x250_responsive_1%26mini_cpt_type%3Ddirect%26cpt-3pc%3D1&cust_params=geniee_pv%3D7420a9a8-960f-4235-8720-114713eed4af%26cpt_type%3Ddefault%26geniee_type%3D0%26geniee-type%3D0&adks=2208053121&frm=20&eoidce=1
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2158615155466043&correlator=195583470577383&eid=31086815%2C31088371%2C31088487%2C95345696&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fifs&gdpr=0&iu_parts=424536528%3A23034994296%2C1562615_reurl_overlay_responsive&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x50%7C300x100%7C320x50%7C320x100%7C468x60%7C728x90%7C970x90&fluid=height&ifi=2&didk=707282785&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1730411396393&lmt=1730411396&adxs=1300&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&vis=1&psz=1600x-1&msz=300x-1&fws=512&ohw=0&td=1&egid=43987&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730411393269&idt=1479&prev_scp=cpt%3Dtrue%26cptver%3D4.6.6%26slotdiv%3D1562615_reurl_overlay_responsive%26mini_cpt_type%3Ddirect%26cpt-3pc%3D1&cust_params=geniee_pv%3D7420a9a8-960f-4235-8720-114713eed4af%26cpt_type%3Ddefault%26geniee_type%3D0%26geniee-type%3D0&adks=464484753&frm=20&eoidce=1
Domain
blog.alphaloan.co
URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| gtag object| dataLayer object| gnshbrequest function| custom_call_ND object| ONEAD_TEXT object| ONEAD_text_pubs string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| googletag object| ggeac object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady boolean| gn_wrapper_executed object| gnpb string| gn_pvid string| gn_native_template object| __gn_config boolean| gnslibincluded boolean| __gnpb_analytics number| __gn_prebid_sampling_rate number| gn_aladdin_vendor_id number| gn_beacon_rate object| google_reactive_ads_global_state object| YJ_YADS function| getGnshbrequestSlots object| gecptparams object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YTk3NmUzMjkyZTQyZjBlNWxvYWRlcl9qcw== string| YTk3NmUzMjkyZTQyZjBlNWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ia object| sync16589_ja object| sync16589_s object| sync16589_B object| sync16589_wa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_ga function| sync16589_ha function| sync16589_t function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_ka function| sync16589_la function| sync16589_y function| sync16589_ma function| sync16589_z function| sync16589_A function| sync16589_u function| sync16589_C function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_qa function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_M function| sync16589_L function| sync16589_N function| sync16589_O function| sync16589_J function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_P function| sync16589_Q function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_S function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_T function| sync16589_Fa function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Ga function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_Ha function| sync16589_3 function| sync16589_Ja function| sync16589_Ia function| sync16589_4 function| sync16589_La function| sync16589_Ma function| sync16589_Ka function| sync16589_Na function| sync16589_Qa function| sync16589_Pa function| sync16589_Oa function| sync16589_Sa function| sync16589_Ua function| sync16589_Ra function| sync16589_6 function| sync16589_Ta function| sync16589_Xa function| sync16589_Wa function| sync16589_Va function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Ya function| sync16589_Za function| sync16589__a function| sync16589_0a function| sync16589_9 function| sync16589_1a function| sync16589_$ function| sync16589_2a function| sync16589_3a function| sync16589_4a object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp function| ONEAD_text_response object| ONEAD_TEXT_INFO function| ONEAD_text_response_4w6w4 function| text_etag_callback_4w6w4 function| custom_call_MIR object| _ONEAD object| ONEAD_pubs function| Vue object| renews function| getRenewsFeeds object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 number| google_unique_id boolean| 57172096-a9ec-41f7-84ba-176662d71faa number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error

13 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _gid
Value: GA1.2.1763618998.1730411394
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.723090709.1730411394
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1730411394.1.0.1730411394.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUl5B5wtd2ZFI8Whi0OEPIjcli5mdE9Cum8tQbDXbZErkJMFFeYse6A_swyW
onead.onevision.com.tw/ Name: onevision_guid
Value: 117656e7-97d2-11ef-921a-0242ac120002
onead.onevision.com.tw/ Name: oid
Value: 117656d3-97d2-11ef-921a-0242ac120002
reurl.cc/ Name: oid
Value: %257B%2522oid%2522%253A%2522117656e7-97d2-11ef-921a-0242ac120002%2522%252C%2522ts%2522%253A-62135596800%252C%2522v%2522%253A%252220201117%2522%257D
.criteo.com/ Name: uid
Value: 4df9fa60-1f3f-42a6-a824-112bc9f8fa97
.reurl.cc/ Name: cto_bundle
Value: NFzmCl9BcEZKOTBLSDJ0QlUya2R1cUlUamZ0MUM2ejY0cG95OSUyQllmZktYZkJyYzFicG9sNVFXZSUyQjFWWHlVZW5OdkZGbUVEUjZCNWQlMkJFbVpzTm9nMlNXQkg3TjlOMVBubnFqd3clMkJoNjNoQUZ6a3ZuMjdNJTJGSWttZVRMRGR2djZiM0VrQm5xbVhJWVJHeXBTVzRTS0YzUVlJbnJRJTNEJTNE
.reurl.cc/ Name: FCNEC
Value: %5B%5B%22AKsRol8Ph1aGVHFphgnKBQptNWieH8KY3r_K3n2GO6XOm3oFT5Kq-LPYTJNERdqCQSclgumpNUbRh8yr2sz04u7_tiyluiZyKL1GW1yDT7k_onLQlrJ4eirY2dnfshepRU97W5e80ZKt4pO1nLIAg-uf284LeNShZQ%3D%3D%22%5D%5D
.eyeota.net/ Name: SERVERID
Value: 19134~DM
.prnasia.com/ Name: __cf_bm
Value: 6s63ypfnRECWhyRVMY7VbBUT6Zu73jGpTxLt3xVns3c-1730411397-1.0.1.1-DPZQEfPamoXQcgVpQzySMX3obkHyqJVfNsCSVSwwQewMenAnaazB3dJ71APLjqOHQCDxP9Ah1x0EpOPw3DJvvg

5 Console Messages

Source Level URL
Text
rendering warning URL: https://reurl.cc/l0y1OA?001(Line 32)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0305712CC330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript error URL: https://reurl.cc/l0y1OA?001
Message:
Access to fetch at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2158615155466043&correlator=1885466707906091&eid=31086815%2C31088371%2C31088487%2C95345696&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fifs&gdpr=0&iu_parts=424536528%3A23034994296%2C1562610_reurl_300x250_responsive_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x250%7C200x200%7C250x250&fluid=height&ifi=1&didk=421691983&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1730411396385&lmt=1730411396&adxs=245&adys=248&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&vis=1&psz=1110x0&msz=1110x0&fws=0&ohw=0&td=1&egid=43987&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730411393269&idt=1479&prev_scp=cpt%3Dtrue%26cptver%3D4.6.6%26slotdiv%3D1562610_reurl_300x250_responsive_1%26mini_cpt_type%3Ddirect%26cpt-3pc%3D1&cust_params=geniee_pv%3D7420a9a8-960f-4235-8720-114713eed4af%26cpt_type%3Ddefault%26geniee_type%3D0%26geniee-type%3D0&adks=2208053121&frm=20&eoidce=1' from origin 'https://reurl.cc' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2158615155466043&correlator=1885466707906091&eid=31086815%2C31088371%2C31088487%2C95345696&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fifs&gdpr=0&iu_parts=424536528%3A23034994296%2C1562610_reurl_300x250_responsive_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x250%7C200x200%7C250x250&fluid=height&ifi=1&didk=421691983&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1730411396385&lmt=1730411396&adxs=245&adys=248&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&vis=1&psz=1110x0&msz=1110x0&fws=0&ohw=0&td=1&egid=43987&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730411393269&idt=1479&prev_scp=cpt%3Dtrue%26cptver%3D4.6.6%26slotdiv%3D1562610_reurl_300x250_responsive_1%26mini_cpt_type%3Ddirect%26cpt-3pc%3D1&cust_params=geniee_pv%3D7420a9a8-960f-4235-8720-114713eed4af%26cpt_type%3Ddefault%26geniee_type%3D0%26geniee-type%3D0&adks=2208053121&frm=20&eoidce=1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://reurl.cc/l0y1OA?001
Message:
Access to fetch at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2158615155466043&correlator=195583470577383&eid=31086815%2C31088371%2C31088487%2C95345696&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fifs&gdpr=0&iu_parts=424536528%3A23034994296%2C1562615_reurl_overlay_responsive&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x50%7C300x100%7C320x50%7C320x100%7C468x60%7C728x90%7C970x90&fluid=height&ifi=2&didk=707282785&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1730411396393&lmt=1730411396&adxs=1300&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&vis=1&psz=1600x-1&msz=300x-1&fws=512&ohw=0&td=1&egid=43987&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730411393269&idt=1479&prev_scp=cpt%3Dtrue%26cptver%3D4.6.6%26slotdiv%3D1562615_reurl_overlay_responsive%26mini_cpt_type%3Ddirect%26cpt-3pc%3D1&cust_params=geniee_pv%3D7420a9a8-960f-4235-8720-114713eed4af%26cpt_type%3Ddefault%26geniee_type%3D0%26geniee-type%3D0&adks=464484753&frm=20&eoidce=1' from origin 'https://reurl.cc' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2158615155466043&correlator=195583470577383&eid=31086815%2C31088371%2C31088487%2C95345696&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fifs&gdpr=0&iu_parts=424536528%3A23034994296%2C1562615_reurl_overlay_responsive&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x50%7C300x100%7C320x50%7C320x100%7C468x60%7C728x90%7C970x90&fluid=height&ifi=2&didk=707282785&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1730411396393&lmt=1730411396&adxs=1300&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2Fl0y1OA%3F001&vis=1&psz=1600x-1&msz=300x-1&fws=512&ohw=0&td=1&egid=43987&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730411393269&idt=1479&prev_scp=cpt%3Dtrue%26cptver%3D4.6.6%26slotdiv%3D1562615_reurl_overlay_responsive%26mini_cpt_type%3Ddirect%26cpt-3pc%3D1&cust_params=geniee_pv%3D7420a9a8-960f-4235-8720-114713eed4af%26cpt_type%3Ddefault%26geniee_type%3D0%26geniee-type%3D0&adks=464484753&frm=20&eoidce=1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-specs.guoshipartners.com
ad6c1d081e331e483a51678e6013f626.safeframe.googlesyndication.com
analytics.google.com
bcp.crwdcntrl.net
blog.alphaloan.co
cdn-ima.33across.com
cdn.jsdelivr.net
cms.analytics.yahoo.com
cpt.geniee.jp
creditcards.com.tw
fundingchoicesmessages.google.com
gum.criteo.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
js.genieessp.com
match.adsrvr.org
mma.prnasia.com
oa.openxcdn.net
onead.onevision.com.tw
pagead2.googlesyndication.com
ps.eyeota.net
re-news.tw
reurl.cc
s.id
s.w.org
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
stats.g.doubleclick.net
storage.reurl.cc
tags.crwdcntrl.net
td.doubleclick.net
trc.taboola.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
yads.c.yimg.jp
blog.alphaloan.co
securepubads.g.doubleclick.net
yads.c.yimg.jp
103.1.220.9
104.17.238.194
107.178.241.176
108.177.15.156
142.250.185.129
142.250.185.194
151.101.1.229
151.101.65.44
157.240.0.35
168.95.245.2
172.217.16.130
172.217.16.194
172.217.18.14
172.64.152.89
178.250.1.11
178.250.1.3
188.114.97.3
192.0.77.48
192.0.78.24
193.84.85.178
216.239.32.181
216.58.206.40
222.230.178.141
222.230.178.143
3.122.214.165
3.33.220.150
34.102.146.192
34.149.98.30
34.160.26.175
34.96.70.87
35.185.130.121
52.49.89.142
65.9.66.104
87.248.119.251
99.86.4.79
019f52ca21eb116613dd1cc2e03defa2e5171dbdb1427c0474b826175ba0cddb
03df1555d030231f5f532d789d303f011771ca6194c6b5f509b37237abacd5a3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12899e0bc51a75ae5557d58322293bd3618127e4d5652e62132924f62bfad9fa
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22743d9dc93a38d7096ec7c9a02146da7a721ada15192d87e81d78ff53cb2f2a
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3
346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994
369b0c21906fdd75d4370af92e7f46c9b494a3f7b8c0bde8ef47aaf480a73145
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
62100a652872d1ae8913c30b58033cd84645d1ad8e16d07c07ac1b2fe35fd35b
65943f153bb2899cabdd042834e66dd8dc495974c1a079081849cd544856f93d
67020d53a6eb93ece55fc99b8f7cbbce497ff4588a15a4f6f3252eb168742dec
708ab5386b21ba412bc86229678bff5793a7750b6a78db1874989bf9eb58a620
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7c741d8c72a9e2def60f2898fac17bb5cb04d629f17228590ad0b13481c31cf4
7f9965977cadbcbf049bf4cd91e55899d0e20588c107915ce5300c82ddbb0f4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c51e0b9cbe44fde3954195f94ccf5b57278cf5f7cc519dbba8c8dff1861985
8c7a349cb65c12304510df593eefa255d44c2950db757a944d840c0da978154c
8d4f5366aec3c23302eb6db9462cfa37a10cfce55b8ef47f1132db1458db4ddd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9699944fbbc6738cf52022007429dd493e34a23f70e348b001a1ac2d7dd9af8a
9a2b5f9dd8e09ea07c8ea2f66713d37a5236063e73c26d4cb9a7f6586aebd3f9
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39
a0996942afd9a0f201960aa9c55af925d0e2382b01e40bfdcdc7c1e4c7b5a089
ad2cb9e471fc4180c2d8454487bd2da9f66564e74136111694186a24eda2e89b
b43f6d9c4351cdad9448aa37c154912fefe6e9cf659cfa2efba5913602815b88
b492f33670309d314046994ab3366e276cce4a8b8cd83ff0e5b88bcd1f8156fa
ca5e6d74d9555db69e4ca97dfe95693d753bc1d9c5c9a62d38855ab6c6d4a76b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6a85e529e849fe2d1ca4d7c3747742564145c2595352af34f98ee4b79f0f3d
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e607f6886e6ba44979975dc954230def06cb6eb7943187a8fe4b6fcbd1e10c38
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990