urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/pMRx4x
Submission: On September 30 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 12 countries across 49 domains to perform 374 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 237626.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 35.185.130.121 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
40 203.75.214.136 3462 (HINET Dat...)
2 35.186.215.140 15169 (GOOGLE)
15 13.227.219.8 16509 (AMAZON-02)
40 2600:9000:223... 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1288:f03... 10310 (YAHOO-1)
1 34.95.67.231 ()
1 6 35.201.76.93 15169 (GOOGLE)
5 2600:9000:236... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 210.59.219.180 3462 (HINET Dat...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 52.68.234.1 16509 (AMAZON-02)
8 2a02:2638:1::3 44788 (ASN-CRITE...)
1 212.82.100.146 34010 (YAHOO-IRD)
1 2a00:1288:110... 34010 (YAHOO-IRD)
7 103.132.192.30 138552 (RTBHOUSE-...)
10 20 34.96.119.68 396982 (GOOGLE-CL...)
10 10 172.105.220.23 63949 (LINODE-AP...)
7 210.59.219.181 3462 (HINET Dat...)
12 178.250.2.131 44788 (ASN-CRITE...)
1 192.0.78.135 2635 (AUTOMATTIC)
1 34.102.176.152 396982 (GOOGLE-CL...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.236 2635 (AUTOMATTIC)
5 34.117.219.39 396982 (GOOGLE-CL...)
2 6 192.96.200.41 30633 (LEASEWEB-...)
12 26 172.217.18.2 15169 (GOOGLE)
2 35.227.249.156 15169 (GOOGLE)
4 8 2a02:2638:1::13 44788 (ASN-CRITE...)
2 210.59.219.175 3462 (HINET Dat...)
2 2 92.123.9.160 16625 (AKAMAI-AS)
4 23.205.235.133 16625 (AKAMAI-AS)
4 10 162.210.196.208 30633 (LEASEWEB-...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
4 3.33.220.150 16509 (AMAZON-02)
6 178.250.2.146 44788 (ASN-CRITE...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 69.173.144.139 26667 (RUBICONPR...)
1 69.173.158.64 26667 (RUBICONPR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 142.251.39.2 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 10 104.18.18.126 13335 (CLOUDFLAR...)
6 8 37.252.172.250 29990 (ASN-APPNEX)
4 142.250.186.34 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 103.229.205.243 30419 (MEDIAMATH...)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 35.227.252.103 15169 (GOOGLE)
4 4 52.50.55.155 16509 (AMAZON-02)
6 6 213.19.147.45 3356 (LEVEL3)
2 2 18.157.93.190 16509 (AMAZON-02)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 3.123.196.183 16509 (AMAZON-02)
374 63
6    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
40    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net
7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
15    13.227.219.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-8.ams54.r.cloudfront.net
img.scupio.com
40    2600:9000:223c:8200:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
4    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
1    34.95.67.231 (None, )

ASN- ()
fcm.holmesmind.com
6    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
5    2600:9000:2368:5000:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
bw.scupio.com
2    2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    52.68.234.1 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
8    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    212.82.100.146 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.yahoo.com
7    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
20    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
10    172.105.220.23 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1874-23.members.linode.com
gocm.c.appier.net
7    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
12    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    192.0.78.135 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com
static.wixstatic.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
img.racingcharger.tw
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
1    192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
5    34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
6    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
ads.aralego.com
26    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
2    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
8    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    210.59.219.175 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
rec.scupio.com
2    92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    2a05:d018:d29:3602:870a:9263:699a:3d34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)
0342d0927e7bae31297420a867da69f0.safeframe.googlesyndication.com
d0fd612faf23e498f893d32c99e1ae73.safeframe.googlesyndication.com
32    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
2    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
partner.googleadservices.com
18    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
8    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
22    2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    52.50.55.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-55-155.eu-west-1.compute.amazonaws.com
match.360yield.com
6    213.19.147.45 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    18.157.93.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-93-190.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    3.123.196.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-196-183.eu-central-1.compute.amazonaws.com
x.bidswitch.net
Apex Domain
Subdomains		 Transfer
66 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 121290
fcm.holmesmind.com
c.holmesmind.com — Cisco Umbrella Rank: 97746
adcdn.holmesmind.com — Cisco Umbrella Rank: 124812
ad.holmesmind.com — Cisco Umbrella Rank: 89668
fp.holmesmind.com — Cisco Umbrella Rank: 126435
m.holmesmind.com — Cisco Umbrella Rank: 220166
224 KB
52 googlesyndication.com
0342d0927e7bae31297420a867da69f0.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
d0fd612faf23e498f893d32c99e1ae73.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
579 KB
43 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299
402 KB
40 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 80051
c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net
7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net
29 KB
30 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 40715
gocm.c.appier.net — Cisco Umbrella Rank: 2208
4 KB
28 scupio.com
img.scupio.com — Cisco Umbrella Rank: 81655
bw.scupio.com — Cisco Umbrella Rank: 130847
prebid.scupio.com — Cisco Umbrella Rank: 66737
rec.scupio.com — Cisco Umbrella Rank: 133516
357 KB
26 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 728
gum.criteo.com — Cisco Umbrella Rank: 402
mug.criteo.com — Cisco Umbrella Rank: 2810
21 KB
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 268
339 KB
16 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 19309
sync.aralego.com — Cisco Umbrella Rank: 2902
ads.aralego.com — Cisco Umbrella Rank: 32100
7 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
8 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 76
3 KB
9 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 903
eus.rubiconproject.com — Cisco Umbrella Rank: 557
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 30752
22 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
8 KB
8 criteo.net
static.criteo.net — Cisco Umbrella Rank: 636
272 KB
7 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18676
1 KB
6 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9124
89 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 237626
6 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6301
adservice.google.de — Cisco Umbrella Rank: 8962
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 530
3 KB
4 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3547
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 344
1 KB
4 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 9426
geo.yahoo.com — Cisco Umbrella Rank: 1451
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
9 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 288
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 727
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1165
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 573
978 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
88 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
902 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 284
67 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
34 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 98484
11 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 389
54 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1523
583 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 815
714 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1470
351 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 441
861 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2825
104 B
1 alphaloan.co
blog.alphaloan.co
151 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 2877
220 KB
1 racingcharger.tw
img.racingcharger.tw
127 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 445812
25 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
438 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5308
979 KB
1 creditcards.com.tw
creditcards.com.tw
42 KB
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 743
6 KB
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 490
30 KB
1 re-news.tw
storage.re-news.tw
6 KB
374 49
Domain Requested by
40 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
ad.holmesmind.com
32 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
reurl.cc
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
32 t.ssp.hinet.net reurl.cc
cdn.holmesmind.com
t.ssp.hinet.net
26 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
reurl.cc
22 s0.2mdn.net googleads.g.doubleclick.net
reurl.cc
s0.2mdn.net
20 ad2.apx.appier.net 10 redirects reurl.cc
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
15 img.scupio.com reurl.cc
img.scupio.com
12 bidder.criteo.com static.criteo.net
img.scupio.com
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
10 sync.aralego.com 4 redirects ads.aralego.com
reurl.cc
img.scupio.com
10 gocm.c.appier.net 10 redirects
8 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
8 gum.criteo.com 4 redirects static.criteo.net
8 static.criteo.net cdn.holmesmind.com
img.scupio.com
static.criteo.net
7 prebid.scupio.com cdn.holmesmind.com
img.scupio.com
7 prebid-asia.creativecdn.com cdn.holmesmind.com
img.scupio.com
7 ad.holmesmind.com cdn.holmesmind.com
img.scupio.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
6 cdn.aralego.net reurl.cc
ads.aralego.com
6 mug.criteo.com reurl.cc
6 www.google.com reurl.cc
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 c.holmesmind.com 1 redirects cdn.holmesmind.com
reurl.cc
img.scupio.com
6 reurl.cc reurl.cc
5 c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
5 fp.holmesmind.com cdn.holmesmind.com
5 adcdn.holmesmind.com cdn.holmesmind.com
4 sync.1rx.io 4 redirects
4 match.360yield.com 4 redirects
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
reurl.cc
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 ads.aralego.com 2 redirects ads.aralego.com
4 match.adsrvr.org img.scupio.com
googleads.g.doubleclick.net
4 eus.rubiconproject.com reurl.cc
eus.rubiconproject.com
4 bw.scupio.com img.scupio.com
ajax.googleapis.com
4 www.facebook.com reurl.cc
img.scupio.com
3 7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
reurl.cc
3 www.google-analytics.com reurl.cc
www.google-analytics.com
2 x.bidswitch.net 2 redirects
2 pm.w55c.net 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 token.rubiconproject.com eus.rubiconproject.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 rec.scupio.com img.scupio.com
2 m.holmesmind.com cdn.holmesmind.com
2 hb.aralego.com img.scupio.com
2 ajax.googleapis.com img.scupio.com
2 connect.facebook.net reurl.cc
connect.facebook.net
2 ad.sitemaji.com reurl.cc
ad.sitemaji.com
2 cdn.jsdelivr.net reurl.cc
1 dsp.adfarm1.adition.com 1 redirects
1 um.simpli.fi 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 sync.mathtag.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 d0fd612faf23e498f893d32c99e1ae73.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 0342d0927e7bae31297420a867da69f0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel-apac.rubiconproject.com eus.rubiconproject.com
1 blog.alphaloan.co reurl.cc
1 i0.wp.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 static.wixstatic.com reurl.cc
1 creditcards.com.tw reurl.cc
1 geo.yahoo.com reurl.cc
1 ads.yap.yahoo.com s.yimg.com
1 www.google.de reurl.cc
1 stats.g.doubleclick.net www.google-analytics.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 static.xx.fbcdn.net www.facebook.com
1 s.yimg.com ad.sitemaji.com
1 storage.re-news.tw reurl.cc
374 79

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2022-09-23 -
2022-12-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
*.ssp.hinet.net
 2021-10-12 -
2022-10-12		 a year crt.sh
feebee.com.tw
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-09 -
2022-10-07		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2022-08-26 -
2022-11-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-05 -
2022-10-26		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
m.yap.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-07-05 -
2022-12-28		 6 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-07-12 -
2023-01-04		 6 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
tls.automattic.com
R3		 2022-09-19 -
2022-12-18		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-30 -
2022-10-27		 6 months crt.sh
*.gbyhn.com.tw
E1		 2022-08-04 -
2022-11-02		 3 months crt.sh
*.prnasia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-08 -
2022-12-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-06 -
2023-08-06		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh

This page contains 57 frames:

Primary Page: https://reurl.cc/pMRx4x
Frame ID: 699001558EAE685B52DFDC72C58F03A6
Requests: 38 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 00F6BE13DDF262CD654C314253EDB547
Requests: 2 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: DBA29CE37A5A0881D1863A592E4AD871
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: B8D0C6B8493A77F262EDB6AA63895F19
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 71084716E1307C3B73EDA41AE4DDE252
Requests: 23 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 542F3FD20FE32A7323D2262E8DB9DCD6
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 6A45C7EFF80ABFFE54A5D9155DB63B91
Requests: 21 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: D8CC54F36011514816559556CB9DFF82
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 15C74B98D02EC211386234525A5C6D70
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: A7A54567DCD9DBEFF8C712DA55EC9F50
Requests: 16 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Frame ID: 63EDB0165F29FCF66BB53AD1DABEF70B
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Frame ID: A90683F0B2DA90BD3C8811C580DE8772
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Frame ID: F19ABA0116FBFB73C43599583C41F774
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: B0DCB58EA9D4204BEA0C08A0827D381B
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: A649CF2233D685D8531BAD6861B5059A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 9E5CB2C91C2A02DDFC312138BCB46706
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 93B114C3F050CB6FBB449EBDB0361E8D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 690C245B58CFD9673A61E50BA9A46473
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 8EB7D0942B21C8069B0FF60D755AF73B
Requests: 21 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 40598D0A471A3FB77E9507CE60B32910
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: B3EAD49B0D95D79E4487B698F6BF64B9
Requests: 20 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C778CDE85D43714C3D7888FA8F2976C8
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 6C2C1AEC0E3F71F8AE4F3DEC6AB6AB9A
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Frame ID: B92A18BE4BD92CDA8A759312D5E465C1
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Frame ID: 1E68CAA159CAB3975E6A035DA9E7C564
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: ABE50F708E6D68A08EA0C373274077F1
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 0A9F20CE11CFAE17E3DC0767F06B4FFC
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
Frame ID: 9493E6A0EB6B2A8973D7B6DB6351896B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 625FAD51209C2C86DB5AA581F3878707
Requests: 4 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: FE0CAF3C3ADA99EAFF7E16078F9E2BCC
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
Frame ID: E6194347B29E99001CF35F31BC97703C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: B0897224BA428D3BE093CAAA36B6D7F1
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 37615B7A4A785327B56A33F6B13B9342
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: D0E59D41046BD04CA78A5810B295C7BE
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 69D1B64F3A15E88C2A64A7CE10C5368A
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: ABCAFB8DF506DD8CDAC58B5119314C15
Requests: 9 HTTP requests in this frame

Frame: https://0342d0927e7bae31297420a867da69f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 10BD46F9C9608ECDAA932AA6D00F18A0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: AEC264409DCFE2835D766906697CB75E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: E252447CD42AB5B419F00CB5DACC2B7F
Requests: 5 HTTP requests in this frame

Frame: https://d0fd612faf23e498f893d32c99e1ae73.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 6B1BC82997348028F438763F66890CEF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FA6913DC38A4F022F85EB4B77C6C3A8C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Frame ID: 7D8F41F0324DDEA89EEF66C3A17202BB
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Frame ID: 994F2FF7D3D88C40EECB4226E5E738C4
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 095893DAC484038FBB3630CD0A994641
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F2FC9B1BDD74B1445A4CF564EFD8D46
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9F988627F54D672477C13E2917F8BF2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CFA9DF02466D0CDBD3DAF7176095356F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWBO2VSf9bVjseWjE_CAlpVqmn670rCI1mL37hiX3vTs4Q3kxUBA40Ok9Xg0e3J6VuFWJ33HIoVQLDsxNANV0HrIqKwEOaifkYNm1pUN5uS1whWxLLQvySAufVTmvJse8k9IVXj4k5tX1HzMqLbt4YLdYD8cBq6TF4A71LthkM226447qM
Frame ID: B39A4433490C70CAA08D5039FB9F4C47
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNUf3UyAhzDg34JW07gWXSmePpy7WCb0pET71veHNcIgHDZ93sW4fqyp2plyEEpHC-aKAw21q3cbtPtQzqZSuLh8UjCDmBdKQpMwFS59adlhvmD1Bfx3OM2IZmoDUGjKzEarUq6h4W0je_O8kPUO56ygcSP7WHt6-0NVhTtGIA_KseGlQD8
Frame ID: E6A6CD0E09CC099A677B9EC132012387
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 61B099948423E3C0823635EF26280B8E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D2493805DADB6AEADE263D5A5222E08B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B50AB62D3CE71F5AA4FACB3F281B2710
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F4C92DD663ED148B4C0B3E14A5AA9CE9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Frame ID: F4812476207838D0F3EB6DBF1CFB66F4
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7D6E439D1B4EB512D018884CC55721C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 201F3D3AC9854D26677354AE606A8949
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Frame ID: 87C7D267E14167C5C44F736503DC7F7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

374
Requests

89 %
HTTPS

40 %
IPv6

49
Domains

79
Subdomains

63
IPs

12
Countries

4661 kB
Transfer

8299 kB
Size

54
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 59
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=9nh6OJwEBKuE6HMR5qQ2Yw
Request Chain 62
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Request Chain 100
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=FEhmR3qfCUGec3Bc5qQ2Yw
Request Chain 101
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oIaPGrwfB22zpdaT5qQ2Yw
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_gid=CAESEJvZouQVM9eK4N40D_pUGrE&google_cver=1
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_gid=CAESEPkFdV6XdPl5nXNHKVL9svg&google_cver=1
Request Chain 169
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Request Chain 171
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Request Chain 172
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Request Chain 173
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Request Chain 174
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Request Chain 175
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0hBMjAyMjA5MzAxNjEyMjIzODk5MQ%3d%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
Request Chain 197
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 199
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CHA2022093016122238991 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/3302a3d5-f0ed-3d90-bb38-484021093cb2?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-pq08_K9E2oWeGKLLlSju5aj6IQGfJN1m58euPbY-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1pBMjAyMjA5MzAxNjEyMjM5NTc4ODI%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
Request Chain 202
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 204
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CZA20220930161223957882 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/3302a3d5-f0ed-3d90-bb38-484021093cb2?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-vVgJ.0FE2oXY5FiF883LkdHRt4fjTB3i.oZbKPI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 209
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=riD66nxVZm5tUFdQL3NGS3l6ZFUrdzhrNjQzaDFBT3dQSFh1d1ZjSE1ndGFVTmEvTm5IcXM0Ty82R2NIZW4xZDhLYWdmUFI2UU8vU0NpTzVUZnJINHZhU3ZCTXN0OVlHUzR4NWZmMjZhWEJmak1NVkM1VjNTaHFmbHV6V1JtbUpleGV5RXV3cVIzY1kzTFYvUEFIMXl1aktYL0JCOWsvUlZCNTVFZW1yRXJvV1NWL2FNWDZROW53VFVtY0JKMjc2VU9pcDVzNFlLT0ZMczY2ZVVnZWNsR3BVM2pFOStKUWw3Yk9iaXBtUG8zNmpxMHIyeGE2NmZpRldLKzFVcFU0cFFURkJPa3Njb290RjJXVXZxNFFLUUFIeEU2L1ZjcGsra3dQUFpkak1Oc3UwMkYvdz18&cppv=2
Request Chain 212
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=kUYNdnx0ZSttLzFKcHBTTnJiVC9BdXZsWTBaK3RwSjZOSHEya3NESy9yRlpDUzhDd0kvM1BvK1dLeGUzQVY5SG5zNTVPU3p5S2x1VmVWSzZYV2xWRzV3WWVMVnR0dXVjaVhVeE5KSU9oMkxROFN0TkZjQWNieklFT0MrZFpiWGF4V21vZVB2YUwyeEsvUGI4ZmNRc0VyTGZJWkJWQTlleGxOdGswalhWT0JFWHVwMFNxcGUrZ3JmV2xjNU16ZkxSVmk5d0NhR1NqRFM1WEVBQ2RQZWRTK3ZOVUZBdkNLQTRvVk13dWpnUW5CNVB6cGQ2UVMwWWJ3dDlkOC9Oay81c2pBN3Rwa3lJYUVUTXVmSzlnNWRKTzVIMWUyQUx3Zml4Y0ZMdFVVNEFJemV5U3pLQT18&cppv=2
Request Chain 213
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 214
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1&C=1
Request Chain 287
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yzak6Cr5vkJRVBzHhc-wEwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeq3fOZL9Jq6eTZdOaH6-E&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELeq3fOZL9Jq6eTZdOaH6-E%26google_cver%3D1
Request Chain 289
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2NzA2MTk5MTU1MzczNjE2NQ%3D%3D
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1&C=1
Request Chain 291
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yzak6Cr5vkJRVBzHhc-wEwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeq3fOZL9Jq6eTZdOaH6-E&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELeq3fOZL9Jq6eTZdOaH6-E%26google_cver%3D1
Request Chain 293
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2NzA2MTk5MTU1MzczNjE2NQ%3D%3D
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENvYlBv-xcUjMbMLVF6lcDY&google_cver=1&google_push=AZmPxg-b4vLlu0SqI505jlQZaSM7j556-WzlbDTiSb9XmxbaraBurnIYsF6lXroW8tlMVSHDyNVTHaMdQN5w5J4vVMjtNSoJw-M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-b4vLlu0SqI505jlQZaSM7j556-WzlbDTiSb9XmxbaraBurnIYsF6lXroW8tlMVSHDyNVTHaMdQN5w5J4vVMjtNSoJw-M
Request Chain 311
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEK2SvgWGTKiv4YJ5TxczFAM&google_cver=1&google_push=AZmPxg-Wjo0z-bHcyI2XCdq_iXTD5aK1L7JQwfV-NxOip9TC2E4h8tu8HQKt9R82ztZ2KoLDblIXq8tiOgHCqyOpDyV1LOdz5yAt HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEK2SvgWGTKiv4YJ5TxczFAM&google_cver=1&google_push=AZmPxg-Wjo0z-bHcyI2XCdq_iXTD5aK1L7JQwfV-NxOip9TC2E4h8tu8HQKt9R82ztZ2KoLDblIXq8tiOgHCqyOpDyV1LOdz5yAt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=8Fpg2SriQPymIiuLPoOEhmM2pOk
Request Chain 313
  • https://match.360yield.com/match/ebda?google_gid=CAESEHVPaIcPXnBRGi1F0yfKFck&google_cver=1&google_push=AZmPxg8sVRiRa3PtNGdxl5T_OKxll-_ZofequiZFxUyCunKvfZ4Ga9K80s1NhN5-4gs7u33_0zqxiLmVgHLzbGt0bj5lZdqiyrO6 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHVPaIcPXnBRGi1F0yfKFck&google_cver=1&google_push=AZmPxg8sVRiRa3PtNGdxl5T_OKxll-_ZofequiZFxUyCunKvfZ4Ga9K80s1NhN5-4gs7u33_0zqxiLmVgHLzbGt0bj5lZdqiyrO6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NcGQ0NFSTEizGNSfg-8Vmg&google_push=AZmPxg8sVRiRa3PtNGdxl5T_OKxll-_ZofequiZFxUyCunKvfZ4Ga9K80s1NhN5-4gs7u33_0zqxiLmVgHLzbGt0bj5lZdqiyrO6
Request Chain 314
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE7uhdDoL0rCQ1esM6pTjHs&google_cver=1&google_push=AZmPxg9GDttM2Zxv0_nJsRPeAF0IIajIEs1TvPtgpnFKcEJUOxqIFrI4zI45slgjmakQSaf3cZSuFC0MKw_0FP-J0j5Kc3qGZew HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg9GDttM2Zxv0_nJsRPeAF0IIajIEs1TvPtgpnFKcEJUOxqIFrI4zI45slgjmakQSaf3cZSuFC0MKw_0FP-J0j5Kc3qGZew&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1664525545157 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5eb3f4d8-4565-4507-937c-479325d5a50c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg9GDttM2Zxv0_nJsRPeAF0IIajIEs1TvPtgpnFKcEJUOxqIFrI4zI45slgjmakQSaf3cZSuFC0MKw_0FP-J0j5Kc3qGZew%26google_hm%3DA16z9NhFZUUHk3xHkyXVpQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9GDttM2Zxv0_nJsRPeAF0IIajIEs1TvPtgpnFKcEJUOxqIFrI4zI45slgjmakQSaf3cZSuFC0MKw_0FP-J0j5Kc3qGZew&google_hm=A16z9NhFZUUHk3xHkyXVpQw
Request Chain 317
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=5vrpbXx5SzZvTkt1b0ZwNTlkelRlZVdsOUlPQTRFOUJUU3ZHUUdXSmdaTDRkTHBLMitrczFhR3JRWlJuOE5VZXQ2Z2dMS2EzVE5KVGo1TU5wMWhtN3VBa1UyV0Ywd1JHUnVUbnYrWFZkWmFTbE1uYjZNSHFaWGw4WHFKUjRkZDZ5OEgyUlFkMlNFVk9NNDJJeXNsTXJhN3JQcTdRZG5KTTd1Y3p2Q2ZRdUlCNzVQRlFqOC9JQ1d1WmgxZVBVSVc4K1NRWmZ0dGlEQ044VVFJMUFSWkRHckN5aTB5ZCs3UU5yQm9zVFBaZ3NVWTdUSnpnSWVGemZqc0gxR3J6QzQ0clI3d29RbTdLbGRWbVhuNk4wZ2tMb2NkVVlocUQzVkxreXZkSENhb2RCZzhRRFNmaz18&cppv=2
Request Chain 322
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIPAPu9S5L9GWq-vZRbL7ho&google_cver=1&google_push=AZmPxg_DV_ROEKi3tUuZqunzOV7T6M6jl1djaplLPTsjF8S84bHbbJ-47mAHCvPkzW319UWJx8TpYyIicPx2v_ikDzKs10ETr3Gi HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIPAPu9S5L9GWq-vZRbL7ho&google_cver=1&google_push=AZmPxg_DV_ROEKi3tUuZqunzOV7T6M6jl1djaplLPTsjF8S84bHbbJ-47mAHCvPkzW319UWJx8TpYyIicPx2v_ikDzKs10ETr3Gi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjA0elUyeXIxT0ViOGQ1&google_gid=CAESEIPAPu9S5L9GWq-vZRbL7ho&google_cver=1&google_push=AZmPxg_DV_ROEKi3tUuZqunzOV7T6M6jl1djaplLPTsjF8S84bHbbJ-47mAHCvPkzW319UWJx8TpYyIicPx2v_ikDzKs10ETr3Gi
Request Chain 323
  • https://um.simpli.fi/gp_match?google_gid=CAESEDr5x2OyDLUDPl53rA0zNDo&google_cver=1&google_push=AZmPxg_yVesaM1GTbFHfnLfaVDuTzXgWnreX4IAeEHUWVu5PRRRBpR2eGwEyWQogxDRkGOprBkRXAOmXux6n99ynQUhxnvGB2zdx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CD3AE38F7C144C2A581515C44B950B5&google_push=AZmPxg_yVesaM1GTbFHfnLfaVDuTzXgWnreX4IAeEHUWVu5PRRRBpR2eGwEyWQogxDRkGOprBkRXAOmXux6n99ynQUhxnvGB2zdx
Request Chain 325
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEORcKqcwHaGPg_1BfRHql7c&google_cver=1&google_push=AZmPxg_zMMrtBJLPIC3uvmcnUXxYUDU9BYeM21kDWglU-ttT8yOITs9CDip9OT05SiQYC4y-OljJUfQfRUZcNwEpUm3f58gnG9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTA4Mjc3OTEzNzUzODE5NQ%3D%3D&google_push=AZmPxg_zMMrtBJLPIC3uvmcnUXxYUDU9BYeM21kDWglU-ttT8yOITs9CDip9OT05SiQYC4y-OljJUfQfRUZcNwEpUm3f58gnG9g
Request Chain 326
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED1aAm7gyVctDZ7uQz5MaSs&google_cver=1&google_push=AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0pNKUjRw1hRtlQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESED1aAm7gyVctDZ7uQz5MaSs&google_cver=1&google_push=AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0pNKUjRw1hRtlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0pNKUjRw1hRtlQ&google_hm=mpgFpajzQn-n0jP2cyq-jw==
Request Chain 327
  • https://match.360yield.com/match/ebda?google_gid=CAESEHVPaIcPXnBRGi1F0yfKFck&google_cver=1&google_push=AZmPxg8kOhIsHNM5Q3-fF2kq1GsJR9kfjKlssCaR6lmWG9HD-BmZde_BgrdhCiTfMr27Us2XVUffoO3FWkn2SEtShJw1FzWJ68Ow HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHVPaIcPXnBRGi1F0yfKFck&google_cver=1&google_push=AZmPxg8kOhIsHNM5Q3-fF2kq1GsJR9kfjKlssCaR6lmWG9HD-BmZde_BgrdhCiTfMr27Us2XVUffoO3FWkn2SEtShJw1FzWJ68Ow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NcGQ0NFSTEizGNSfg-8Vmg&google_push=AZmPxg8kOhIsHNM5Q3-fF2kq1GsJR9kfjKlssCaR6lmWG9HD-BmZde_BgrdhCiTfMr27Us2XVUffoO3FWkn2SEtShJw1FzWJ68Ow
Request Chain 328
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE7uhdDoL0rCQ1esM6pTjHs&google_cver=1&google_push=AZmPxg-E3KBYQVMV6qzhYSK63xsBT-YzbU0DunwxHDo7c1fhNDVjFDtrRDRR8VIujT8J3dI7MK1la0L1tk_GL-9JEVQvaXezAsmV HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-E3KBYQVMV6qzhYSK63xsBT-YzbU0DunwxHDo7c1fhNDVjFDtrRDRR8VIujT8J3dI7MK1la0L1tk_GL-9JEVQvaXezAsmV&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1664525545157 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5eb3f4d8-4565-4507-937c-479325d5a50c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-E3KBYQVMV6qzhYSK63xsBT-YzbU0DunwxHDo7c1fhNDVjFDtrRDRR8VIujT8J3dI7MK1la0L1tk_GL-9JEVQvaXezAsmV%26google_hm%3DA16z9NhFZUUHk3xHkyXVpQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-E3KBYQVMV6qzhYSK63xsBT-YzbU0DunwxHDo7c1fhNDVjFDtrRDRR8VIujT8J3dI7MK1la0L1tk_GL-9JEVQvaXezAsmV&google_hm=A16z9NhFZUUHk3xHkyXVpQw
Request Chain 334
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=EQaFM3wyei9NNzhXMzJUeGFyRkVUMlhFTDF5M2lWUFd3ZUdJOGhMVVFMdzZzd2JNNGFweHA4SjFWRldoK3lzWDlCazA2QUUwUFg3aHljbEZwRG1mRDFNaC9mNGV6YkFQZUxsRVZoSkdoSlB6VVJIU0xWZmlnemhOT2p1K1Rqc1hqV3FvcW5MZFB2eVdkSXR2cE9qMFV6bnI0Q2VEemM5bWJOeVBGcWF5eXZlSlF4eHpuTDV5bVNkdlZPajdOcWxDUFZEZ2xOZ2JONnhJSHkzUk1RRGJSN2EyS0h0ZSs2UFlTTERuclVuampqb29HNW9jOXJ2ZEZkMXA5ajR5RTBoNHUyZHFiRHk3OU5CUFM0N0JCMTdHaDB3aGtqN1c5cHdMaWViTVpvZW83S3ltcjFyWT18&cppv=2

374 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pMRx4x
reurl.cc/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8403aab754a9cfba5d122568666dd158c2b9fde155059ee4042b9b1e3b4c4eb3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 08:12:19 GMT
server
nginx/1.18.0 (Ubuntu)
target
https://jistki.com
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 08:12:20 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1491724
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23235
x-served-by
cache-fra19141-FRA, cache-hhn4041-HHN
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/pMRx4x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 30 Sep 2023 08:12:20 GMT
pixel.js
reurl.cc/javascripts/ 		470 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/pMRx4x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-1d6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 30 Sep 2023 08:12:20 GMT
utag.js
t.ssp.hinet.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:21 GMT
ysm_reurl.js
ad.sitemaji.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 12:42:49 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:55:05 GMT
server
nginx/1.12.1 (Ubuntu)
age
70171
etag
W/"5d0b49e9-4488"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Fri, 30 Sep 2022 12:42:49 GMT
ad.js
img.scupio.com/js/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:11:26 GMT
content-encoding
gzip
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 02:16:55 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
65
etag
W/"6327d117-12f95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=900
x-amz-cf-id
Cn3XIb_TQ5KZdukupdEwKZGRtQ0oFyMfM19mliOL3YQojmB9tJkEDA==
expires
Fri, 30 Sep 2022 08:26:15 GMT
init.js
cdn.holmesmind.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Fri, 30 Sep 2022 08:11:59 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
22
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
k2tAPM96IEZz3z70KkE00dMQ4kFEOlSGCjJkh_hy27nguSU9zNlSaA==
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 08:12:20 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
889086
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31634
x-served-by
cache-fra19175-FRA, cache-hhn4041-HHN
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
reurl.cc/javascripts/ 		698 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/pMRx4x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-2ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 30 Sep 2023 08:12:20 GMT
loading.js
reurl.cc/javascripts/ 		240 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
25355805f44af99037c6b951f9afd762f5fd74eb126aba4b2f82cafa563c0f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/pMRx4x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 30 Sep 2023 08:12:20 GMT
ga2.js
reurl.cc/javascripts/ 		618 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/pMRx4x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-26a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 30 Sep 2023 08:12:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Sep 2022 08:12:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
tqH95w7dUna9Ear2wWF/fG4IE53FV16SW+VVYoMErHWqfRBN7bxgya7XUF7byLB4705nezeGy8FVxHOfU8BDUg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame 00F6 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cd0f2763e32559668d4e53ef9f590845d486bb72d5a240c6fa082ed7b389748
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 30 Sep 2022 08:12:20 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
hYzB/2y+6mFu6I9UEdRgRT3/gmMK1c5ExPKieAnPfv6T0QZ33UWtwCvcKVdLyTW+1apYImNJrmH23pWjLtPjOw==
x-fb-rlafr
0
x-xss-protection
0
feeds
storage.re-news.tw/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
a99ec75522caf93bb77147885f95a529dedfd129a1739a6224c78a8dd7019de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
via
1.1 google
x-powered-by
Express
etag
W/"172d-oIr45p7Q+kXoddHwa68aWp+qBMU"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5933
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Sep 2022 07:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
3383
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Fri, 30 Sep 2022 09:15:57 GMT
reurl_passback.js
ad.sitemaji.com/native/ Frame DBA2 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 13:27:29 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 29 Aug 2019 10:21:02 GMT
server
nginx/1.12.1 (Ubuntu)
age
67491
etag
W/"5d67a70e-3bbe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5256
expires
Fri, 30 Sep 2022 13:27:29 GMT
1675200226052423
connect.facebook.net/signals/config/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
601ee3b6c89032b8db78375d06c726c00d44ba3c19a793accb43713616c0a20f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Sep 2022 08:12:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7345
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
JcGvkf5EPDEtNBJuGtISMRxlvgdWkiV4jUpSqrOy1CRCjhvMKjPPvbPCWUZMjHOWf2Po6YxuteqrEimBqlACug==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame B8D0 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36
content-length
4730
content-type
text/html
date
Fri, 30 Sep 2022 08:11:50 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-id
3y35rELANpjsF6kd2fSfeXr9OJ7_l5GJRrFKOwBRjEkNpBPpSFKYSQ==
x-amz-cf-pop
FRA56-P2
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ 		662 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:10 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
11
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
S6DoyoMzOdEcIuNT_dwfXNWLADe3G9Ns98hfwmyh5uM5J2qWa1_aYg==
presetfn.js
cdn.holmesmind.com/js/ Frame 7108 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 30 Sep 2022 08:12:07 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
14
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
oICeZz2Uu3gnoG591OvAIcCBVLYz9-hBq6A-Bi-Gu3BRzfLNkLoZkg==
presetfn.js
cdn.holmesmind.com/js/ Frame 542F 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 30 Sep 2022 08:12:07 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
14
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
Dv8z5MlDpt8-0FhkM_kADP1utFYwAoJ9Owmc-Ht-WbP2I_v51wBkag==
presetfn.js
cdn.holmesmind.com/js/ Frame 6A45 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 30 Sep 2022 08:12:07 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
14
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
Yp34Zt5bbQ5gy-Sm0AURX7-M2uBkVBH1-_23bXpZ6aNYsdwQP2MZ3w==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=10816141&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FpMRx4x&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1526958204&gjid=797401064&cid=697224600.1664525541&tid=UA-102456694-1&_gid=1867703573.1664525541&_r=1&_slc=1&z=395405933
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=10816141&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FpMRx4x&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTM4LjE5OS4zOC4xMzI&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=697224600.1664525541&tid=UA-102456694-1&_gid=1867703573.1664525541&z=486102383
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 16:27:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56706
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
native.js
s.yimg.com/dy/ads/ Frame DBA2 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
VD27TP827TJFBZNJ
age
223
x-amz-server-side-encryption
AES256
x-amz-id-2
zyIeOxvd8apIWt4OObHUy0MqUXG1rr8s0crAOV3Tb7VCOYgedO1HuL3q8Zrd2zLnaMQLnLrBowM=
x-amzn-internal-status
304
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 12:02:57 GMT
server
ATS
etag
"7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
b0FVkc4yrql.css
static.xx.fbcdn.net/rsrc.php/v3/yh/l/0,cross/ Frame 00F6 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/l/0,cross/b0FVkc4yrql.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ba9f71f94dd3ed2cfeb67bf7f428bd2a2dac31dcd62806805887fcf0c6f2412
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XTjZfPb1U9n5S8CeTOIuow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5199
x-fb-rlafr
0
x-fb-debug
pmbbinLLgzWx9uyHJJP3P155K3TDK4F9psaapoE76IXStWjKBMMCKIuC4qNujDIAhq+LYksgBFiFars9HFRbFg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 29 Sep 2023 15:24:15 GMT
cm.php
fcm.holmesmind.com/ Frame D8CC 		332 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 08:12:26 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame B8D0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:21 GMT
cm
c.holmesmind.com/ Frame B8D0
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Fri, 30 Sep 2022 08:12:20 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 7108 		756 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2368:5000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:11:51 GMT
content-encoding
gzip
via
1.1 da638d87f8ab43a61f74ca34a51fd8b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
HEL51-P1
age
29
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
f8ZxR8wSpr_SV6U-pyV0LTaf_0_Mtlix05Djcvd4gG5G8OTvXgGPRQ==
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-102456694-1&cid=697224600.1664525541&jid=1526958204&gjid=797401064&_gid=1867703573.1664525541&_u=IEBAAEAAAAAAAC~&z=1311681653
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 30 Sep 2022 08:12:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FpMRx4x&rl=&if=false&ts=1664525540579&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664525540578.1744440238&it=1664525540430&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Sep 2022 08:12:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
17229.json
img.scupio.com/js/config/ 		461 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
3e25ee4fd42b9c3dd0c88da6b82c290f14eb50e640691a0b46e159bc6e27e294

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
via
1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
29
x-cache
Hit from cloudfront
content-length
461
last-modified
Fri, 30 Sep 2022 02:20:46 GMT
server
nginx/1.12.1
etag
"6336527e-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
7lY9vgcVcHht0jYdNMaZsFZLasZ_T4k78LAmR-PidfkjoQeKftifkA==
expires
Fri, 30 Sep 2022 11:11:51 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.914012125858144
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame 15C7 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2164
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Sep 2022 07:36:37 GMT
etag
W/"62fdf772-14d93"
expires
Sun, 30 Oct 2022 07:36:16 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
x-amz-cf-id
EfvR7FSHIqbZXAlNc84YOWQ1B7cvGlxAQFm3r2ia2xE_2K7pmEFe-w==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/ 		461 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
7e44db14ad0b623e7662bf53489cbe60df557cd579eb47aeebdce630e83ba6e9

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
via
1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
225
x-cache
Hit from cloudfront
content-length
461
last-modified
Fri, 30 Sep 2022 02:20:46 GMT
server
nginx/1.12.1
etag
"6336527e-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
5NTom3FcvhsLdtsjwOISVUsX30SJlCrytGPxGC5cNTJbb_QVY5pBhw==
expires
Fri, 30 Sep 2022 11:08:35 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.5324092598567964
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame A7A5 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2164
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Sep 2022 07:36:37 GMT
etag
W/"62fdf772-14d93"
expires
Sun, 30 Oct 2022 07:36:16 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
x-amz-cf-id
P7Kg04B47KmkHFW_Gd-atIBxYIUSkLH4ZZfLXnHNTUYLAoJoXm5jgg==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
Preset.js
adcdn.holmesmind.com/adserver/ Frame 542F 		575 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2368:5000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:11:51 GMT
content-encoding
gzip
via
1.1 da638d87f8ab43a61f74ca34a51fd8b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
HEL51-P1
age
29
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
BmXp1DwOQhNrgFZbsF31civjIrohje86wikRoxmUHPzS_Nn5U_rWwA==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 6A45 		760 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13848
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2368:5000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8f85e51a2f3c094fe6816857f185ca3f81647b4a74c6b06dd0df82e1d7455771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:11:51 GMT
content-encoding
gzip
via
1.1 da638d87f8ab43a61f74ca34a51fd8b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
HEL51-P1
age
29
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
LJIZnk_vVJwHNBxKKE4uVR49svupyhci3AvXtqbPY1rv-pw3GsHUaw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 15C7 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 07:02:16 GMT
prebid.js
img.scupio.com/js/ Frame 15C7 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:07:52 GMT
content-encoding
gzip
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
271
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
FYzBZaV3CcbK2J9WDyL8r2XkjMa_bi-HINyyCNFIgDJf8sVn4RkSIg==
expires
Sun, 30 Oct 2022 08:07:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame A7A5 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 07:02:16 GMT
prebid.js
img.scupio.com/js/ Frame A7A5 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:07:52 GMT
content-encoding
gzip
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
271
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
k3qOW4iG4vOFmXhPWul4wUBX8a6GZ6OASaAlAF22C55qv6nYQY8Yow==
expires
Sun, 30 Oct 2022 08:07:49 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-102456694-1&cid=697224600.1664525541&jid=1526958204&_u=IEBAAEAAAAAAAC~&z=2126369085
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-102456694-1&cid=697224600.1664525541&jid=1526958204&_u=IEBAAEAAAAAAAC~&z=2126369085
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 6A45 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=8&o=1&d=1&b=2&ts=1&ii=3&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3ad815e2a0469395554c5dbdc363f489dc23ba6f484217a9b89a93d5ad633d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 6A45 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
25
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
ja2nMArjrtDuKNQXQ7JWBtR8X2PnmdXOo_pNI5z1eRiSlFsotoWYow==
publishertag.js
static.criteo.net/js/ld/ Frame 6A45 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e78c5380563a8a078ca08254718d91472579bdcd61e6b34b1dfacb0f786ed213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-1e2be"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Oct 2022 08:12:20 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 6A45 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
23
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
r-CsbJ8s0gIcvO4Dpqn5lP-ztNB_WT8ldhWVxnG0Hn79wK8_zNJpxg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 6A45 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
28
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
szQtgqX5aRw8zEhxuV7Pghe3JKRQEpH7wHG2p1s7AUIepUyrNstnww==
appierV2.js
cdn.holmesmind.com/js/ Frame 6A45 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
51
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
kXgvQiXgAc0pBxPmHCqj4u5fVjqxaD-GUZdCc-2H8VmT0ieHNATQ7w==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 6A45 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb559970e468315ee6536be649b06177402e61e08f44baf23dcea086050081a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
MdWeC1SPZeIh9xSqjXjlj3abPqMhnJfk
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 02:19:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
28
etag
"8e1b46b18b195f6e1856d4e020014a8e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5541
x-amz-cf-id
BljXj7PP0P9J-bTVCjQZg8b_CVae6zWpCgjfjgBa_udF3rQqvX_f2w==
ads.js
ad.holmesmind.com/adserver/ Frame 542F 		2 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=277&o=1&d=1&b=2&ts=1&ii=3&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
26c7117cc5174fc7f607e0c9139290593452e5db4ac76129af7d671f16fdad9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 542F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
25
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
iRNl-wlWYy0w1SnlZFGu6O5e5IMkfF84nY_9emZj05sh_aIU-FLRKA==
appierV2.js
cdn.holmesmind.com/js/ Frame 542F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
51
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
5TC6Wq4aQWnVl1sn7WgAK90PM0Yw9H-BQikdgnOhmq-ZkGgtkOpIHw==
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame DBA2 		290 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FpMRx4x&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
media-router-flurry71.prod.media.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
b
geo.yahoo.com/ Frame DBA2 		43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-length
43
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 6A45 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 6A45
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=9nh6OJwEBKuE6HMR5qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=9nh6OJwEBKuE6HMR5qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=9nh6OJwEBKuE6HMR5qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 542F 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 6A45 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8830480473519062
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 6A45
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
ads.js
ad.holmesmind.com/adserver/ Frame 7108 		0
215 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=754&o=1&d=1&b=2&ts=1&ii=3&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 7108 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
26
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
_Nw0tECQcN958z99cWEOhhLKPL92lgWas63BunHTWT4zHoh0UJOXog==
publishertag.js
static.criteo.net/js/ld/ Frame 7108 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e78c5380563a8a078ca08254718d91472579bdcd61e6b34b1dfacb0f786ed213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-1e2be"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Oct 2022 08:12:21 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 7108 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
24
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
VfNBk7KNgb-4rbK6Axg3BBCTxBe5XUcB1hWcfoeXIZ2r-qVZoHKAmQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 7108 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
29
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
A7iV79rMeM8hPz9qofTWP2YSlPGJ3Ax30A4iopj_IXOH6fD7XDeYUA==
appierV2.js
cdn.holmesmind.com/js/ Frame 7108 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
52
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
loDq1LGRt5H8NcIm8bFyo39ucETn6pllR4AvOOPRbjACKY6Ze2EOjw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 7108 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb559970e468315ee6536be649b06177402e61e08f44baf23dcea086050081a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
MdWeC1SPZeIh9xSqjXjlj3abPqMhnJfk
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 02:19:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
29
etag
"8e1b46b18b195f6e1856d4e020014a8e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5541
x-amz-cf-id
cPimy_pOdrjFYVKrNrV_RwvkBQHOInwCGqwPdx1eG6D1xOxyxs9TIQ==
cdb
bidder.criteo.com/ Frame 6A45 		177 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=16519935855
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cd4a6d8ec8af2e2b8cdc5ab4c1459d28a533054c24154872206ebb9a0a692912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
Disney-Plus-%E5%83%B9%E6%A0%BC%E5%84%AA%E6%83%A0%E4%BB%8B%E7%B4%B9%EF%BC%8C%E9%AB%98%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2021/11/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2021/11/Disney-Plus-%E5%83%B9%E6%A0%BC%E5%84%AA%E6%83%A0%E4%BB%8B%E7%B4%B9%EF%BC%8C%E9%AB%98%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
44de4925b7fdfd5d0844a144ce7c0d4e0373939c4d33e576c408b3f8715a6f25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.hhn _atomic_ams BYPASS
content-length
42264
x-nc
HIT bur 1
last-modified
Fri, 04 Feb 2022 00:48:40 GMT
server
nginx
etag
"3354f67e17f3eed8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sun, 04 Feb 2024 12:48:40 GMT
file.png
static.wixstatic.com/media/8d2acb_a70e33dbf569492da4ee50aad95882a8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/ 		978 KB
979 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/8d2acb_a70e33dbf569492da4ee50aad95882a8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
62b1f0416c870a765b275a92d20b350ba2697d40004df32d8684d0ecbee11cad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 04:06:36 GMT
via
1.1 google
server
openresty/1.21.4.1
age
14745
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1001218
wix-tracer
2FTKmydjVDOU4deHKi69WB4MafX
x-seen-by
image-manipulator-5cdc794f79-wj8bb
1664498784-96d5d1bb948ad099d4c4fe77ef2944c1-840x525.png
img.gbyhn.com.tw/2022/09/ 		437 KB
438 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2022/09/1664498784-96d5d1bb948ad099d4c4fe77ef2944c1-840x525.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b85b761da9d25eeb0443fd8198695a49c10bcf41d8170f01df90259041298aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23179
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
447439
last-modified
Fri, 30 Sep 2022 00:46:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A65Ry0kdD9%2Bhhd%2F0Sbr8YewE%2FKX3oZcdjapw%2FNXAsJkxluNT2uIAxcIQTrGbvblKAuI5f%2FzG%2FlidQN2tosPFBxas4sOZKDMaxRLqNE%2BGCym1xABJuiI6w8pPv4hVXmwq7sBwQwz7HeqgabIusONB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
752b7e39bbe19a2d-FRA
expires
Fri, 07 Oct 2022 00:47:57 GMT
ibm_logo.jpg
mma.prnasia.com/media2/95470/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/95470/ibm_logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4cfb2fc5725c2717da03dfd1f68847cfd3e194b6aac29bb4630ebedf242a76eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
cf-cache-status
HIT
age
62310
x-powered-by
ASP.NET
server-timing
intid;desc=840781dfcd45f9b2
content-length
25167
cf-bgj
h2pri
last-modified
Thu, 29 Sep 2022 14:53:50 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
752b7e393f7cbbc7-FRA
access-control-allow-headers
Content-Type
expires
Thu, 29 Sep 2022 14:53:51 GMT
2022082607033680.jpg
img.racingcharger.tw/wp-content/uploads/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2022082607033680.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7720852704e8bce1aec7b9756d9051be8392a85b53fabd923442208e8031001

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 07:03:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9218
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OHMYjkNHK7zcEnFfJGyubX%2FTN0WNVxbigWuROf%2B0tkhs%2BVAOc59Zw8icmM7lUBpSA28OT%2BRqkqQPwnzOysatI4X%2FdcgM%2F%2BZiqlDo2Ppnf26GSB%2Bc8OQ6ZmCEl3FdOMKbWLjJkoi5txEUUrAcPi57UDf5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
752b7e3c0ec59b2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
129575
img_8717-1-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/09/ 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2022/09/img_8717-1-scaled.jpg?fit=2560%2C1920&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
36faf3fe37ff5fdf4a6b58f6f6ed14fec6843d05b1b243054466a72d19cdc51a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 30 Sep 2022 08:12:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Sep 2022 09:13:47 GMT
server
nginx
etag
"70de2f31a2590ed6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2022/09/img_8717-1-scaled.jpg>; rel="canonical"
content-length
224544
expires
Wed, 25 Sep 2024 21:13:47 GMT
%E8%A9%B2%E5%A6%82%E4%BD%95%E6%8A%95%E8%B3%87%E8%87%AA%E5%B7%B1%EF%BC%9F-.jpg
blog.alphaloan.co/wp-content/uploads/2022/09/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2022/09/%E8%A9%B2%E5%A6%82%E4%BD%95%E6%8A%95%E8%B3%87%E8%87%AA%E5%B7%B1%EF%BC%9F-.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7ae2f5b5d641c02de5d3222990df1b555a4a41f06b0eedac42b7f5e984454769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=31536000
x-ac
2.hhn _atomic_ams BYPASS
last-modified
Thu, 01 Sep 2022 07:11:29 GMT
server
nginx
etag
"63105b21-25a43"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
154179
expires
Fri, 07 Oct 2022 08:12:21 GMT
landing.php
fp.holmesmind.com/ Frame 63ED 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 08:12:21 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 6A45 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:21 GMT
landing.php
fp.holmesmind.com/ Frame A906 		0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 08:12:21 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 542F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:21 GMT
currency.json
img.scupio.com/js/config/ Frame 15C7 		108 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
2580afa638fc441b047207ff013a641307c3f71124de626dd0aaab1fe2fb8ef7

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Sep 2022 08:09:00 GMT
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 19:15:04 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
201
etag
"6335eeb8-6c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
content-length
108
x-amz-cf-id
kBi5H0LU6jeo0es1qFe2szPHEVVW3Y94KcsNuT7UadXPCySEVJfBsw==
expires
Fri, 30 Sep 2022 11:09:00 GMT
currency.json
img.scupio.com/js/config/ Frame A7A5 		108 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
2580afa638fc441b047207ff013a641307c3f71124de626dd0aaab1fe2fb8ef7

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Sep 2022 08:09:00 GMT
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 19:15:04 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
201
etag
"6335eeb8-6c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
content-length
108
x-amz-cf-id
2ecKB5lyWrwH1tnkL0hRZyi7EnCFJRZPkNmCnBVPdT_Ls8_HperAKw==
expires
Fri, 30 Sep 2022 11:09:00 GMT
prebid.json
ad.holmesmind.com/adserver/ Frame 15C7 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1664525541249&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
prebid.aspx
prebid.scupio.com/recweb/ Frame 15C7 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.07714171825938743
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Sep 2022 08:12:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
header
hb.aralego.com/ Frame 15C7 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=febcb7f3-2e0b-4d12-a177-6e282d62ce12&u=https%3A%2F%2Freurl.cc%2FpMRx4x&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=53282420-c8ac-40e8-bddd-1490f63564ee&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Fri, 30 Sep 2022 08:12:21 GMT
Access-Control-Allow-Credentials
true
Connection
close
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 15C7 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 30 Sep 2022 08:12:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 15C7 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=13657555201
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid.aspx
prebid.scupio.com/recweb/ Frame A7A5 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9376230991498398
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Sep 2022 08:12:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
cdb
bidder.criteo.com/ Frame A7A5 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=70468055278
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame A7A5 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 30 Sep 2022 08:12:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.json
ad.holmesmind.com/adserver/ Frame A7A5 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1664525541318&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
header
hb.aralego.com/ Frame A7A5 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=febcb7f3-2e0b-4d12-a177-6e282d62ce12&u=https%3A%2F%2Freurl.cc%2FpMRx4x&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=0116fd77-e8cc-4204-b67a-2c7dd353ca0c&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Fri, 30 Sep 2022 08:12:21 GMT
Access-Control-Allow-Credentials
true
Connection
close
events
bidder.criteo.com/csm/ Frame 6A45 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
landing.php
fp.holmesmind.com/ Frame F19A 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 08:12:21 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 7108 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:21 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7108 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 7108 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8658740042492004
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 7108 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4721519327384802
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 7108
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=FEhmR3qfCUGec3Bc5qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=FEhmR3qfCUGec3Bc5qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=FEhmR3qfCUGec3Bc5qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 7108
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oIaPGrwfB22zpdaT5qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oIaPGrwfB22zpdaT5qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oIaPGrwfB22zpdaT5qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 7108 		177 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=22579512188
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
29899339f0c91437b73d895f3ad5c3cf5042ba1a9f9165c5d2e56f1c87b2626b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 30 Sep 2022 08:12:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
162
cdb
bidder.criteo.com/ Frame 7108 		177 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=32856943741
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9723aedcc6c8f5f287e40b8d74da3d8c3f500ecbcabfc1b12b5a930cc96dfbe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
162
/
t.ssp.hinet.net/ 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4364f1bf10762c235fd85e3e26d00cd7c84b767e28ce2816ffcf2f4d7b6de1cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame B8D0 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
21f78ead9deceb0b94c3991d73f75d593f1c05cc3e6324eab58434177bbd1561
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 6A45 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
ae4685e3574d3a89cb76db8e67ad6c70be7433d348d99b04410406e814600dee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame 6A45 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=8&o=1&d=1&b=2&ts=1&ii=3&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
52
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
KI8fY4Gv065AaXlMtGNv4DK6xOIoiNjhkoyr8R-oIzchZXBdNiVXhg==
drawV2.js
cdn.holmesmind.com/js/ Frame 542F 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=277&o=1&d=1&b=2&ts=1&ii=3&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
52
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
lSuPy62r17VxOsvKQvydHDZnlqMan1OqqChM-QHw8YCHAZUlA1y55Q==
events
bidder.criteo.com/csm/ Frame 7108 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 7108 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
t.ssp.hinet.net/ Frame 542F 		37 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
ec5392b0cfae1e9da875ec4e3da58729772508fe5584dbbf5f4d98d5a7161842
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 7108 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
3e192246e720d2e29f8317a78010c8ab4e44b8c5e7980202134ead85526153cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame B8D0 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=51092a0b-79b1-4635-bfe8-a87f9fe05b8a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 6A45 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 542F 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 7108 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
adsbyscupio.js
img.scupio.com/js/ Frame B0DC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:09:05 GMT
content-encoding
gzip
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
199
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
1oE0u7DVvTIDGx2W7wR-VxSAkEDPhtbGJmi0vWBrqQnjgb4LU2shug==
expires
Fri, 30 Sep 2022 11:09:03 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 15C7 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7132828477759598
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b2cfce40888f1fe9452e3f51902873d2f6a93458bf43e072a5042e3f266cc8e9

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:22 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1608
truncated
/ Frame 15C7 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
adsbyscupio.js
img.scupio.com/js/ Frame A649 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:09:05 GMT
content-encoding
gzip
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
199
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
HXPRnYjOE2oBIFU0qTezp2loG1ZQTvJMYngyLjRRNuWmzoFENELbyg==
expires
Fri, 30 Sep 2022 11:09:03 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame A7A5 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7275132867592893
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e41720e8fbf233f34e588f1b688ffd167db7ec00d29fc601f88a99d916c70d85

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:22 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1606
truncated
/ Frame A7A5 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
cm
t.ssp.hinet.net/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/ 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/pixel?bd=c8a522ee-a7fb-4437-8501-e886795b0a78&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 6A45 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&mp=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/ Frame 6A45 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/pixel?bd=c8a522ee-a7fb-4437-8501-e886795b0a78&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
300x250.jpg
img.scupio.com/img/padding/ Frame B0DC 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/img/padding/300x250.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
5e0c4b65a9aa656ce5484dee823c78de192e6b3fd64eab5317713ff31325c89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:29:40 GMT
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
2862
etag
"607cf99c-e1ff"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
57855
x-amz-cf-id
bYW1s5xmo9hhFqrA8JNUXAYb7L6ypDFheC1teaOzuSX07a_zLGcbww==
expires
Sat, 30 Sep 2023 07:24:40 GMT
970x250.jpg
img.scupio.com/img/padding/ Frame A649 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/img/padding/970x250.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
1219005b1ac715570be263a42b98d63280456e8fc7fcdfdf704536cfe5f9e9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:43:16 GMT
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
x-amz-cf-pop
AMS54-C1
age
1746
etag
"607cf99c-b9b9"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
47545
x-amz-cf-id
Nx9Vk-7R2irg1uDY5Y9y9vYSRh8OIrAm60bZ2VKYe4SFCROespgUXg==
expires
Sat, 30 Sep 2023 07:43:16 GMT
pixel
c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/ Frame 542F 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/pixel?bd=c8a522ee-a7fb-4437-8501-e886795b0a78&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 542F 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&mp=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/ Frame 7108 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/pixel?bd=c8a522ee-a7fb-4437-8501-e886795b0a78&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 7108 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&mp=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
init.js
cdn.holmesmind.com/js/ Frame 9E5C 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Fri, 30 Sep 2022 08:11:59 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
24
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
McZi-n9YLMVp-tclCyqngx6U3ayOCx_hniz3U-JmhXyWMhc8a7UAMw==
init.js
cdn.holmesmind.com/js/ Frame 93B1 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Fri, 30 Sep 2022 08:11:59 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
24
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
Gqj7yHZOMUON2JmKxEvAXPvkEb5EN7luEcIAvt1dFNKNjgEnH6XoWw==
capmapping.htm
cdn.holmesmind.com/js/ Frame 690C 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38
content-length
4730
content-type
text/html
date
Fri, 30 Sep 2022 08:11:50 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-id
wx0PGgv6GJ7XBPY0nU6Me7KqJoIecqhqu7XC1kJcR9711wTST9GRIg==
x-amz-cf-pop
FRA56-P2
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 9E5C 		662 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:10 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
13
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
3vcvILV9MNDqNIhF6-xj3AOhac1ruKP5GYp0HSoDGyz2MOzy_no1LQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 8EB7 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 30 Sep 2022 08:12:07 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
16
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
wo0Lzw-sJ3tSWROntGJbDKeYC_BqR71gGyWrt50KryVSnBYAeBYfmA==
capmapping.htm
cdn.holmesmind.com/js/ Frame 4059 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38
content-length
4730
content-type
text/html
date
Fri, 30 Sep 2022 08:11:50 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-id
xGFOe2mWNfyhpBPRVVJuwCQNziH9TBPWhwOUeIKjlykfsSMgaGpbvg==
x-amz-cf-pop
FRA56-P2
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 93B1 		662 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:10 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
13
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
zR8wRmDQtmYKhWTrkmd6C_VGkH4dbwRW01-8nWcLAbbISew5wgyRFA==
presetfn.js
cdn.holmesmind.com/js/ Frame B3EA 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 30 Sep 2022 08:12:07 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
16
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
34zB7x07nIU_TC97zZFeMRsAWIZmAOPiu66gnpBuuCNFcIeitNFTIw==
cm.php
fcm.holmesmind.com/ Frame C778 		0
0
utag.js
t.ssp.hinet.net/ Frame 690C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:22 GMT
cm
c.holmesmind.com/ Frame 690C 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 690C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_gid=CAESEJvZouQVM9eK4N40D_pUGrE&google_cver=1
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_gid=CAESEJvZouQVM9eK4N40D_pUGrE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
x-guploader-uploadid
ADPycdvs_SBtGBO-vOXPF1v4yvQTq8UPPn5hjJct0bsQvrFNEtxvPzLy-TwYZn_2vJOJaWkILvUITL01kaD0utcfPyqdc4rZT8UR
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 30 Sep 2022 09:12:22 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_gid=CAESEJvZouQVM9eK4N40D_pUGrE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
c.holmesmind.com/ Frame 4059 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame 6C2C 		0
0
utag.js
t.ssp.hinet.net/ Frame 4059 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:22 GMT
google
m.holmesmind.com/ml/ Frame 4059
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_gid=CAESEPkFdV6XdPl5nXNHKVL9svg&google_cver=1
0
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_gid=CAESEPkFdV6XdPl5nXNHKVL9svg&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
x-guploader-uploadid
ADPycdtUm1HjG_UVT84VQ5ULaLbcVsEaRgrF8l-wsdnDbb8ecjHcqIj0rgQtpOO4LRz8eL4XSmVaQu9LZHWsf_1F9MY5i_X3TVEj
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 30 Sep 2022 09:12:22 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&uu_m=undefined&google_gid=CAESEPkFdV6XdPl5nXNHKVL9svg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 8EB7 		1 KB
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13849
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2368:5000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:11:55 GMT
content-encoding
gzip
via
1.1 da638d87f8ab43a61f74ca34a51fd8b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
HEL51-P1
age
27
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
GVGso49xbu4QFislK-gijOs6nhTVbbYFQ3AASp8VfPzZ-W8sBv85fg==
Preset.js
adcdn.holmesmind.com/adserver/ Frame B3EA 		1 KB
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2368:5000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:11:54 GMT
content-encoding
gzip
via
1.1 da638d87f8ab43a61f74ca34a51fd8b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
HEL51-P1
age
28
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
2-YczC2UB0zi55ZiBERfOXdQYcjukehc6NE84GzEkvtYtGfAAsy1Sg==
ads.js
ad.holmesmind.com/adserver/ Frame 8EB7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=389&o=1&d=1&b=2&ts=1&ii=2&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1d28f06564d970524c6ddd30b8a2d3d0890b10333812e8376a435f31c59910df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 8EB7 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
27
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
vFc0ak5KWvQiEhRuZl-8xgudx1VL3GqE1QOwIPSvAPWg3QTqZWstkg==
publishertag.js
static.criteo.net/js/ld/ Frame 8EB7 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e78c5380563a8a078ca08254718d91472579bdcd61e6b34b1dfacb0f786ed213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-1e2be"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Oct 2022 08:12:22 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 8EB7 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
25
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
26I6GS32qG594ii3nDxYnub0lef7ATdAItJV6LlCx5QPiCXC8lNR_Q==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 8EB7 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
30
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
zLa5sFWARbtMnWWGFD1dRhlGmrOXS9lZ_gS0M2Hj1DIQAwnwV34Dww==
appierV2.js
cdn.holmesmind.com/js/ Frame 8EB7 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
53
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
IkWLHlaASvO3uRsPF1Ah4M7uafDdtwpTQUQQiaqhB-v9fuycpm6poQ==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 8EB7 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb559970e468315ee6536be649b06177402e61e08f44baf23dcea086050081a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
MdWeC1SPZeIh9xSqjXjlj3abPqMhnJfk
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 02:19:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
30
etag
"8e1b46b18b195f6e1856d4e020014a8e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5541
x-amz-cf-id
z8cl1IK9mNVKHLHkR4ZD5j3W5uuddUVX4Qx_u8jaAEx_5SNbVebHYw==
ads.js
ad.holmesmind.com/adserver/ Frame B3EA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=168&o=1&d=1&b=2&ts=1&ii=2&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
32326e1e80d9a62f25f0e65158688452faec650285acda8b1e14c4dae43c1124

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame B3EA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
27
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
4NUIc_SgEW6tpiIcaar_LmVNQ3foNOFb9t0cr-xmPvled4oy86EQ5g==
publishertag.js
static.criteo.net/js/ld/ Frame B3EA 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e78c5380563a8a078ca08254718d91472579bdcd61e6b34b1dfacb0f786ed213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-1e2be"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Oct 2022 08:12:22 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame B3EA 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
25
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
BLl7uuIVoP1nfxBIBtdOWrkP4e5-QrhQvim9tagK4NA-aFRiHse_wA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame B3EA 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
30
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
epRyM01y9UovtfVoweQ9qSet710WViA33Ng4Z4rWWDVMGIOEGyCCKg==
appierV2.js
cdn.holmesmind.com/js/ Frame B3EA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
53
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
4lKMGdDOyUzb_HeolZrOIzV772UNvjb5IlXoDzs1q-XHoRATtMMskw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame B3EA 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb559970e468315ee6536be649b06177402e61e08f44baf23dcea086050081a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
MdWeC1SPZeIh9xSqjXjlj3abPqMhnJfk
date
Fri, 30 Sep 2022 08:12:00 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 02:19:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
30
etag
"8e1b46b18b195f6e1856d4e020014a8e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5541
x-amz-cf-id
O4S-WJVlA9XOfAac_iXK_Mjh00M6_XYX_zZzh6BCSGq1O53_ldGxjw==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8EB7 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame B3EA 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 30 Sep 2022 08:12:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 8EB7 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6816457124465372
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 8EB7
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame B3EA 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.635111842980038
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Sep 2022 08:12:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 8EB7
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8EB7
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame B3EA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:23 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame B3EA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:23 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame B3EA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 30 Sep 2022 08:12:23 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=obw3lK6-DlCVgVP15qQ2Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame B3EA 		177 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=71970561315
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
44cab9c958b8109d751bbd77c9a6e415e88b657f14c7830153f8f1e4cf11498e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 30 Sep 2022 08:12:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame 8EB7 		177 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=277371009
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6d68236bc0e24f4f31bdcca035f7e7db11a06a798acd278412e6e5e822d282b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
events
bidder.criteo.com/csm/ Frame B3EA 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 8EB7 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
t.ssp.hinet.net/ Frame 690C 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
97196ad19e29045d3f7146aeecc44e0c9d7de591d7556cf2ad4216151d071d02
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 4059 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
97196ad19e29045d3f7146aeecc44e0c9d7de591d7556cf2ad4216151d071d02
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
landing.php
fp.holmesmind.com/ Frame B92A 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 8EB7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:22 GMT
landing.php
fp.holmesmind.com/ Frame 1E68 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&CFFPCKUUID=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&url=https%3A%2F%2Freurl.cc%2FpMRx4x&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 08:12:22 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame B3EA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 30 Sep 2022 08:22:22 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame B3EA 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=168&o=1&d=1&b=2&ts=1&ii=2&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
53
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
4TngTf_oVfVUO3AW-3Gl9wV42PtTc6usDzxvMu9B-gEbwlRGRgprLw==
drawV2.js
cdn.holmesmind.com/js/ Frame 8EB7 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FpMRx4x&n=389&o=1&d=1&b=2&ts=1&ii=2&FPCK=7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 30 Sep 2022 08:11:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
53
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
ABoZsi09pUJ5VXewUYrZdeI2dqxFYPZ2iWpEuBtNpXRknDXp1YZwHA==
emome2
t.ssp.hinet.net/ Frame 690C 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=7b5615bf-1a35-455a-bdc3-f9e13f83816d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 4059 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=7b5615bf-1a35-455a-bdc3-f9e13f83816d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 8EB7 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
97196ad19e29045d3f7146aeecc44e0c9d7de591d7556cf2ad4216151d071d02
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 15C7 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Oct 2022 08:12:23 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame A7A5 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Oct 2022 08:12:23 GMT
syncframe
gum.criteo.com/ Frame ABE5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:22 GMT
server
Kestrel
server-processing-duration-in-ticks
1026891
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 15C7 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Oct 2022 08:12:23 GMT
ls.html
img.scupio.com/html/ Frame 0A9F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
989
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Sep 2022 07:56:01 GMT
etag
W/"583295c9-4dc"
expires
Fri, 07 Oct 2022 07:55:54 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
x-amz-cf-id
dDsGt3tn6Wexv884hCw9Swr3f2qP2G6icOnFrKES5qizewcAQ-vwgA==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 9493
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0hBMjAyMjA5MzAxNjEyMjIzODk5MQ%3d%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 08:12:23 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 625F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Sep 2022 08:12:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 30 Sep 2022 08:12:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 9493 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1664525543163&cd[SBST]=17&cd[PuID]=reurl&ud[external_id]=b358366d0844d2a4647b78c46093db33b04bb9d7c2c6f9c78f86f63b434e64ba
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Sep 2022 08:12:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
generic
match.adsrvr.org/track/cmf/ Frame 9493
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CHA2022093016122238991
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/3302a3d5-f0ed-3d90-bb38-484021093cb2?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-pq08_K9E2oWeGKLLlSju5aj6IQGfJN1m58euPbY-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Fri, 30 Sep 2022 08:12:23 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
ls.html
img.scupio.com/html/ Frame FE0C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-8.ams54.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
989
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Sep 2022 07:56:01 GMT
etag
W/"583295c9-4dc"
expires
Fri, 07 Oct 2022 07:55:54 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
x-amz-cf-id
ICfEPdciHBFDrD0K78fWyvEVvPkA0PXM0X5Pa_LdBWZpXBO7i0unVQ==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame E619
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1pBMjAyMjA5MzAxNjEyMjM5NTc4ODI%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 08:12:23 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEkIpBQY-az4VAl9Y5ooS0Y&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame B089
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Sep 2022 08:12:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 30 Sep 2022 08:12:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame E619 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1664525543185&cd[SBST]=17&cd[PuID]=reurl&ud[external_id]=cd93fc91f7c090db2000fca5edee9400f47584cd1e777691354e36911f892ea7
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Sep 2022 08:12:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
generic
match.adsrvr.org/track/cmf/ Frame E619
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CZA20220930161223957882
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/3302a3d5-f0ed-3d90-bb38-484021093cb2?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-vVgJ.0FE2oXY5FiF883LkdHRt4fjTB3i.oZbKPI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Fri, 30 Sep 2022 08:12:24 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
syncframe
gum.criteo.com/ Frame 3761 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:22 GMT
server
Kestrel
server-processing-duration-in-ticks
2734014
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame A7A5 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Oct 2022 08:12:23 GMT
cm
t.ssp.hinet.net/ Frame 690C 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&mp=7b5615bf-1a35-455a-bdc3-f9e13f83816d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net/ Frame 690C 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net/pixel?bd=7b5615bf-1a35-455a-bdc3-f9e13f83816d&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sid
mug.criteo.com/ Frame ABE5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=riD66nxVZm5tUFdQL3NGS3l6ZFUrdzhrNjQzaDFBT3dQSFh1d1ZjSE1ndGFVTmEvTm5IcXM0Ty82R2NIZW4xZDhLYWdmUFI2UU8vU0NpTzVUZnJINHZhU3ZCTXN0OVlHUzR4NWZmMjZhWEJmak1NVkM1VjNTaHFmbHV6V1...
425 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=riD66nxVZm5tUFdQL3NGS3l6ZFUrdzhrNjQzaDFBT3dQSFh1d1ZjSE1ndGFVTmEvTm5IcXM0Ty82R2NIZW4xZDhLYWdmUFI2UU8vU0NpTzVUZnJINHZhU3ZCTXN0OVlHUzR4NWZmMjZhWEJmak1NVkM1VjNTaHFmbHV6V1JtbUpleGV5RXV3cVIzY1kzTFYvUEFIMXl1aktYL0JCOWsvUlZCNTVFZW1yRXJvV1NWL2FNWDZROW53VFVtY0JKMjc2VU9pcDVzNFlLT0ZMczY2ZVVnZWNsR3BVM2pFOStKUWw3Yk9iaXBtUG8zNmpxMHIyeGE2NmZpRldLKzFVcFU0cFFURkJPa3Njb290RjJXVXZxNFFLUUFIeEU2L1ZjcGsra3dQUFpkak1Oc3UwMkYvdz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
84bbddf6fd8d392ce40cc7371e17e992dae9204480bbc111249b7eb88c6b8a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2486260
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=riD66nxVZm5tUFdQL3NGS3l6ZFUrdzhrNjQzaDFBT3dQSFh1d1ZjSE1ndGFVTmEvTm5IcXM0Ty82R2NIZW4xZDhLYWdmUFI2UU8vU0NpTzVUZnJINHZhU3ZCTXN0OVlHUzR4NWZmMjZhWEJmak1NVkM1VjNTaHFmbHV6V1JtbUpleGV5RXV3cVIzY1kzTFYvUEFIMXl1aktYL0JCOWsvUlZCNTVFZW1yRXJvV1NWL2FNWDZROW53VFVtY0JKMjc2VU9pcDVzNFlLT0ZMczY2ZVVnZWNsR3BVM2pFOStKUWw3Yk9iaXBtUG8zNmpxMHIyeGE2NmZpRldLKzFVcFU0cFFURkJPa3Njb290RjJXVXZxNFFLUUFIeEU2L1ZjcGsra3dQUFpkak1Oc3UwMkYvdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
842802
content-length
0
expires
0
pixel
7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net/ Frame 4059 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net/pixel?bd=7b5615bf-1a35-455a-bdc3-f9e13f83816d&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 4059 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J&mp=7b5615bf-1a35-455a-bdc3-f9e13f83816d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame 3761
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=kUYNdnx0ZSttLzFKcHBTTnJiVC9BdXZsWTBaK3RwSjZOSHEya3NESy9yRlpDUzhDd0kvM1BvK1dLeGUzQVY5SG5zNTVPU3p5S2x1VmVWSzZYV2xWRzV3WWVMVnR0dXVjaVhVeE5KSU9oMkxROFN0TkZjQWNieklFT0MrZF...
433 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kUYNdnx0ZSttLzFKcHBTTnJiVC9BdXZsWTBaK3RwSjZOSHEya3NESy9yRlpDUzhDd0kvM1BvK1dLeGUzQVY5SG5zNTVPU3p5S2x1VmVWSzZYV2xWRzV3WWVMVnR0dXVjaVhVeE5KSU9oMkxROFN0TkZjQWNieklFT0MrZFpiWGF4V21vZVB2YUwyeEsvUGI4ZmNRc0VyTGZJWkJWQTlleGxOdGswalhWT0JFWHVwMFNxcGUrZ3JmV2xjNU16ZkxSVmk5d0NhR1NqRFM1WEVBQ2RQZWRTK3ZOVUZBdkNLQTRvVk13dWpnUW5CNVB6cGQ2UVMwWWJ3dDlkOC9Oay81c2pBN3Rwa3lJYUVUTXVmSzlnNWRKTzVIMWUyQUx3Zml4Y0ZMdFVVNEFJemV5U3pLQT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44d93cc675a184534692d920906aca8c45459eec41ffda2edb7541793c4bf9d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1758845
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=kUYNdnx0ZSttLzFKcHBTTnJiVC9BdXZsWTBaK3RwSjZOSHEya3NESy9yRlpDUzhDd0kvM1BvK1dLeGUzQVY5SG5zNTVPU3p5S2x1VmVWSzZYV2xWRzV3WWVMVnR0dXVjaVhVeE5KSU9oMkxROFN0TkZjQWNieklFT0MrZFpiWGF4V21vZVB2YUwyeEsvUGI4ZmNRc0VyTGZJWkJWQTlleGxOdGswalhWT0JFWHVwMFNxcGUrZ3JmV2xjNU16ZkxSVmk5d0NhR1NqRFM1WEVBQ2RQZWRTK3ZOVUZBdkNLQTRvVk13dWpnUW5CNVB6cGQ2UVMwWWJ3dDlkOC9Oay81c2pBN3Rwa3lJYUVUTXVmSzlnNWRKTzVIMWUyQUx3Zml4Y0ZMdFVVNEFJemV5U3pLQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
589467
content-length
0
expires
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame D0E5
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1215
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:05:53 GMT
server
cloudflare
etag
"632c3381-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KgynOs1b5RGxgUS3cJjcVkeFB87VFv2CFIEIygjfaYreRn8UTU9bkA4zXCQx%2F3b6fCSTrbDbYzlrIUs95g%2F%2FlPb7t2eIAMvSnRnBKJYdnKxnvPGpDpEGKSc1D9n%2BGMbS5B1a5%2BhmveM1fVutw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
752b7e491e749054-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 69D1
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1215
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:05:53 GMT
server
cloudflare
etag
"632c3381-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I0GiHTfD0qf0J81av5mzPfR5NwuUeEv2KyxWhfcGF6tGnkWvwuPG9bsPRxicKDcMsZ3BCa0oPvy0I2M1upt13Cs5YmHhBRQjChteSLcO7iuzJOUid1ryXhJQLOTPP3wnLa8PSLXlbLO%2BOtIFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
752b7e491e779054-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
cm
t.ssp.hinet.net/ Frame 8EB7 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&mp=7b5615bf-1a35-455a-bdc3-f9e13f83816d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net/ Frame 8EB7 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net/pixel?bd=7b5615bf-1a35-455a-bdc3-f9e13f83816d&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/ Frame B3EA 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net/pixel?bd=c8a522ee-a7fb-4437-8501-e886795b0a78&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame B3EA 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l&mp=c8a522ee-a7fb-4437-8501-e886795b0a78
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame 625F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 08:12:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85812
Connection
keep-alive
Content-Length
9421
Expires
Sat, 01 Oct 2022 08:02:35 GMT
usync.js
eus.rubiconproject.com/ Frame B089 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 08:12:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85812
Connection
keep-alive
Content-Length
9421
Expires
Sat, 01 Oct 2022 08:02:35 GMT
khaos.jpg
token.rubiconproject.com/ Frame 625F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame B089 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 625F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D0E5 		975 B
786 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5746
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FF1o%2Fja5S%2F9P%2FAG1fBjGxQe70SsIwXaWNRy7esqTnoUfqQ%2B9Ee%2FxulIj3CDCZZf7Vg3OO19U%2Fc97RweX432s9Z7A%2FID%2Fii56D1g5OBM%2BaRZ0I4WEsKMAhXnuvlen8le9gGHeI1K3wwELaqqn1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
752b7e496b2d90a0-FRA
idRequest
sync.aralego.com/ Frame D0E5 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
9b00d4d2551062db43cbdd242cff127512527c98a70e4e3dc67afa0d0e2c108d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame D0E5 		552 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FpMRx4x&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5942085906660484&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 08:12:24 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
3302a3d5-f0ed-3d90-bb38-484021093cb2
X-Adtype
html
Connection
close
Content-Length
552
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 69D1 		975 B
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5746
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTxbI2iEDZAfHGxI7FuJF2Qc7dem1ls1vriLu5FskcVpznEIVaD7%2FL4ejF6zjWuQHTsk%2BYmRTUZ6k3%2FH%2FHvuFmhAyXx%2BIK83zbHcyaG0AdVwlYE8q%2F2QL7CFQsbw2FJCV5neCo%2F2%2FyWdbOAujQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
752b7e496b3390a0-FRA
idRequest
sync.aralego.com/ Frame 69D1 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
9b00d4d2551062db43cbdd242cff127512527c98a70e4e3dc67afa0d0e2c108d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame 69D1 		555 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FpMRx4x&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.47383511473592477&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 08:12:24 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
3302a3d5-f0ed-3d90-bb38-484021093cb2
X-Adtype
html
Connection
close
Content-Length
555
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame ABCA 		714 B
778 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3385
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
752b7e49fc0190a0-FRA
content-encoding
br
content-type
text/html
date
Fri, 30 Sep 2022 08:12:24 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgToukwCEoTPvhHVXM8%2F5Ho2uyMT8rCyrVXGi7W2hObZFZUKKFvoaq%2BzjXz9emjdBDwh1viBqlgWtEtJkapTMZ%2FJLgMeQDek7q%2Fzq2aH46bLTEliRi8%2BG3cSGx9LKrJNbBg%2B1nUsJnpOKfSE3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame D0E5 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
connection
close
content-length
35
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame ABCA 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ae8ce462f975d0198fb69c9a4c63c17e6fca5ee6e339ee7ae8ab1981acf707e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1349 / 760 of 1000 / last-modified: 1664489179"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Sep 2022 08:12:24 GMT
pubads_impl_2022092601.js
securepubads.g.doubleclick.net/gpt/ Frame ABCA 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:58:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131426
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:39:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Sep 2023 07:58:44 GMT
integrator.js
adservice.google.de/adsid/ Frame ABCA 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ABCA 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ABCA 		492 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4378894702526501&correlator=1333044941702470&eid=31069634%2C44761478%2C31069354%2C31070069%2C44769662&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664525544174&lmt=1644386353&dlt=1664525544013&idt=127&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=pwobb3261ej2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=680422300.1664525544&ga_sid=1664525544&ga_hid=555786492&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a3a7e1d445c0dd6d2a2ece3d01ec89e28bd50fa677af20073ce9a832b5de4cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0342d0927e7bae31297420a867da69f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 10BD 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0342d0927e7bae31297420a867da69f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:24 GMT
expires
Sat, 30 Sep 2023 08:12:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame AEC2 		714 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3385
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
752b7e4b4db490a0-FRA
content-encoding
br
content-type
text/html
date
Fri, 30 Sep 2022 08:12:24 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pywSuKCQExh%2FO7KIjRmv39TlWcKfq%2Ba1IxeLJ5dTySgATCVMlGSwE2uqqNBjHIPFxo%2FXQNiXI4%2F2uMvN%2FREWjdU3sdhzxHhZRGSlDikhwSlMORZPFa4vxxU5SEgCuuJ%2Bcpn2yiUzJS34Ub4WeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 69D1 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
connection
close
content-length
35
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AEC2 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ae8ce462f975d0198fb69c9a4c63c17e6fca5ee6e339ee7ae8ab1981acf707e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1349 / 298 of 1000 / last-modified: 1664489179"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Sep 2022 08:12:24 GMT
pubads_impl_2022092601.js
securepubads.g.doubleclick.net/gpt/ Frame AEC2 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:58:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131426
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:39:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Sep 2023 07:58:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E252 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42198d92a91f53e8bfdc3d8556bb0c3d8fe0126d9b2ec2def2e74866d215343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
server
cafe
etag
10335275301432655995
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 08:12:24 GMT
integrator.js
adservice.google.de/adsid/ Frame AEC2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AEC2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AEC2 		492 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4428012310141551&correlator=518179209674283&eid=31068458%2C31069839%2C31069923%2C31069353&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664525544306&lmt=1644386353&dlt=1664525544220&idt=73&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=m0l94x3jlrx5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=804201376.1664525544&ga_sid=1664525544&ga_hid=562296806&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f6b9f9190317f2597bd32c47ee858339ba2976c16ab7672ffdd6142d43f8fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d0fd612faf23e498f893d32c99e1ae73.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6B1B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d0fd612faf23e498f893d32c99e1ae73.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:24 GMT
expires
Sat, 30 Sep 2023 08:12:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FA69 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d3b83262b34195dd14e7446a0bf8ce2d9c85351a270ce9e1eac07149f7a3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38070
x-xss-protection
0
server
cafe
etag
698562003639816741
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 08:12:24 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/ Frame E252 		349 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070010
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
772e052ef54499e8fc29c4114781b2a14316e07fba9960d3eeb73b7c0f6f81bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117163
x-xss-protection
0
server
cafe
etag
17381241383199039144
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 08:12:24 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ Frame FA69 		348 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
221e485bf86ac18179bf20bdaac320a0a993dde0425cb4462b7e4bc71f1f1250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117019
x-xss-protection
0
server
cafe
etag
8716021828414073197
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 08:12:24 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame E252 		212 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e8a98763d7b8f26a3bcec2dde06b27f8f1b21644909ab0903e62678d4ee7193d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E252 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E252 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D8F 		17 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9828988906318b6d1038cf6803745b6d90d3e0563db2e911d838a1f45f03e76c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9610
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame FA69 		212 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
d3ec926923e2d5603266c956a9c8a780141e45d4021b477dd9dfd2c00a18187a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame FA69 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FA69 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 994F 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfaa33d965a5adf05a2ab421e30a3fbceb274c0b28c2884542cda3a41e270764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9496
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame AEC2 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9f8dab11d4980f481a5d0b899aefe243ea2027560f1ba4a10796816c9516f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11162
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame ABCA 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b91628e186ca28fb53aee67e8143e11862cee82c20faf22301b20f0e4f44381c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11154
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AEC2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 08:12:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ABCA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 08:12:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0958 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 07:26:40 GMT
expires
Sat, 30 Sep 2023 07:26:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F2F 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8a19b11bd4d96df796e6e2ee6c8eff6fe330664fdd0938a86d8ce0933960d8ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-08LTNI8Q60NcuvYGNE7IJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-08LTNI8Q60NcuvYGNE7IJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:24 GMT
expires
Fri, 30 Sep 2022 08:12:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9F98 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 07:26:40 GMT
expires
Sat, 30 Sep 2023 07:26:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CFA9 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
df9fc79b33d0fb734e48e321d29f6ec2eb038bc8996d098c9ab5858717ceede0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YY5ab9Xb-VcP6lky3718yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-YY5ab9Xb-VcP6lky3718yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:24 GMT
expires
Fri, 30 Sep 2022 08:12:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=4428012310141551&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame CFA9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=4378894702526501&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 0958 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 06:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 06:55:15 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 9F98 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 06:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 06:55:15 GMT
generate_204
tpc.googlesyndication.com/ Frame 0958 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_d6hhA
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 9F98 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UsTAFQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D8F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZ9p3R8NCHhbE3GTlY_zjS-xRGZb8S0vltYDb6o_R1FV6GbTUjw2gen-Awiian3WQQuUQL3UUH6LyXqxBwd_GqDLkTVYwHVmbFoVTtUmSP8PiigeM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 7D8F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 07:43:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 7D8F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 07:48:20 GMT
l
www.google.com/ads/measurement/ Frame 7D8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmO2hwh1DyXzOYwpClRE5nvwoftcrgMdeDlqhkh0NSopWVDzAcH2eMdc_BnAtpebm51j93crhKqFySLyhzPpx_cf2U6g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D8F 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 08:12:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B39A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWBO2VSf9bVjseWjE_CAlpVqmn670rCI1mL37hiX3vTs4Q3kxUBA40Ok9Xg0e3J6VuFWJ33HIoVQLDsxNANV0HrIqKwEOaifkYNm1pUN5uS1whWxLLQvySAufVTmvJse8k9IVXj4k5tX1HzMqLbt4YLdYD8cBq6TF4A71LthkM226447qM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7D8F 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BREuFCUBzXQdoOMNZwjCpYzNbsAaid1DSFib8GizJ_H7WUtCkbHA4w_fDeEHJm4mntFbcZYJqx-V3mZuVYXtbWiKPB_Q&cry=1&dbm_d=AKAmf-AxiCq5r6NyJEyLuM57Xo6x-UzPndkonEkr8emLYCZcHACUGDiJI4kfy4u1vZK-5N791_d-FNW0oANBqMcahOKxCEnSyYQT_XIfWxLPnq9Bqlmtx63SPzlAReS9G-MJT3PxDSbNynXpLgpKoG7dfKciY9ezGbbMLyOb4woeVO9SJnb2zh4fhyFZT1ex7FwVLF_XAZjkct-ZSYJsuunBxsLG7EjEd7KnJlyTwBduGae9EbbjFIdLncYhQdqh5t1adBWhuet7sUwzMIix_gp467XDLxk2EUs-PdLTq9_2399YUlYc4RL6NMnBj4jwxZGoy9df4Sf6W4ERkxHvXjFh_znLnCFxJjYlT7vmKYnK-6IK4csm5AK-PD4fpoxfyIxTK-h-MKI3MAkFo23JUNTCJtKcLDXaoAv4EGey-IX_HKOGnTMoq2_gOwPbJQGJvKw9uaz7_mI2mgAo4GJY6FoUm3cyWUCHiWk_3Ht-VicF01d0D0x0i1tKNBmkwl55pUPLKyA28IXfAob1Xz3wXOYihwq2LqpJXoqdPXpARvUx-aKzd50SODNngOY9WivMtjDowmZ7pjJW_fgCy6s9CN8wE0DnkHeQDii8KEcP8td6kIvgH7EaefBn23A8NRPHmrdbAYp87Cme4iGooS1EjNMs0HLtVT5RSf0X35_dPBUAYbDVeDOJHeXXZevDu1DxPYj0g4PgzyWJyWqJ3IRb7YLXva2rVAT8tI2ZruFApjb7HnpCo95FGsZ0S-lPJDTCef2aN9-TMyZCqw1f0Dy9PNnljYPn898JvvzoSy3s1DHenkk6ckd6031pc4izlM9xczauu1HjhL4oQlaytNkiZ4_svwOOjOHzkDzwVDT9PeUx9A_WdfHqfPd_gV_RPN1dV0hhcc5_mLXjCa158OUFNww0Z-_oZF3MgSkd6PI3oPZJkj0-mvCE_3GuivqgpWKkW1XNS8f-IMiGM-5eOZPfqKezkhD6gdYuesKdLuxH1O5HhApVCK72QOHoqXQHl__5wvXSgcXvkV2Hv1-BMx26zB2w5s9we-i_iB5bZyElRVa17Ke8A4SlvNUz7WdK3JH4olqbtKzaskXH-6hnAILX5OXX2dVLbCls5DH05H9f6_n3-ac_CBj9SGRYpQ5991mU9m4VF-s1SvKASq8hBRClIqjgTI8EKukx1z7KbEDFzwfpt9M8Lzk4iVcM5jz44ISv_0pHXVNElmqen5CU5iFrR5kWKdaf5L_WZVqCjD2FVQF59BHRTc20VgJgJXEaMcIUfP-tIJy-oM0x8-r2p55932HyfRa1bDrmX7hB-CEJsD5DOx6S79kMqzEwi4cA8YthNrwTk4XuQaCZ1ijoEMs35SzCyRhTK7V5nn_1IVFEp8xyiJMa2Qwkn0DL5ZGWoHRFjt5Wg-JMZ4QSWmHCXi_ZJuTa1oYIF-8THpRfrBO1AUEtzDJ9nyl5c1sbeobneeKRGpT0roHTqO9OAP3RYj0xVFFwUTeIgmaHWm4R3YEHvHAnyvgRl_LDKfYn2ROBGU5saL2GC6QlXUkMN3U0mY0HE1cj4xlCdI6Wp-b3HbwVHUC1mNkFfjRjrKhIXK828TaEL8wQHbtlUezxigKXQBpNi_xSUIPR-DqoomHdUFuLufGdhAp2YrFiFC7EKtkDVeKkQMueKfmnNrf0MyAom6hAYwKAnQtrKrXgpxw4YoTriq4UWtUfRCpDO6C_FsBy_vfLj3cmJmSDj1f6yu9In8pBype4QJgHhF06lR8a4xs8LtBl0GRQfFBMT_JBVIFEMgqJpGZ_sX6v8WT6mXdFFnwARyLS9nO6GM4FLue0SNYeLYoY4OwTgfIuSq74e6EtOTifLj-0JQg0W4bw_yRMc9jf_qfiZsrDidMxbdhhbtAo8J0Y9_TpBvyCgwcwpnOljHwqWsdQRAHr4RX6LgBRmUzedLGOf9KOj4QVhyAOkO_L4cyAFKSzBt3o_z_0vV1rYcI8f46mXSvRzutjEsmoBved7gIL3y50uJQ1_P51FLNIN_uK8jQWcGYFBe1kdJWmOR1rncWlqnZRe3VIrBsVXklgAXiL0ilqmgzNOHQHydGq1-Q_9OfqbMeN8YwV0qaNAvZife6Vk9edr4qn_kP6PLWjqB_5XczDnhWgVt8G0287xoSZ17gGooc_DaWkwBFPogYV1DF4WV67wy0mosd7nuFFnrNFdRksga4gNVk62sOkntze4y_9tLnf_4gSKvtIb13QE2iInyHvFSPriXRKfT60EH0ZiZYZ_pFIOEZEAT662tdONuNuTLPE8mIhnb1NsmGA-0dEz7n26HckxlL5xi3L6yP2JpajLiH2ynj0xEWinBEY9dyeCy4AEuLK6mezZoPZ5PJLGaUBOF9FvFCVLsEnikW3Ug7jMMRSjQFzlU_tw9IC0Fb1HMmfSmQsldXajD7orPSFqsDtcLsx1vw7HEYsR6MffwODgi5jiSA0ox98Joj_P04V9MZWJpme-apJivNjJ_kz7sWtAqTIiy1reIM5nvw3oxFyvJR1mfMzx5ISAnG5F7VYSS97-BR1wquK8VGBIvWpgCb2N-oi8YUw3PljB1Kc1VzWE1obdf8YaZrjPuwuh7YztDVm8QmJBc8JzTMhHXGrYyVm0ziaOi_CoiqJ9iGpIL3oyWl6YH4NtjqVe-VfAK-NotqRCTvKsWRCu_Wl34yhiu2Up5hQTzMetcUizxSqokka06G7G4uBuqmBYmx5qkgoOq6_0kM4hkvy7VKd3EhXMBYCJPL9NhD5SGnRjnlWq7NSlX9oAOZbIO1LDqU0DFnoTfazprzOImQyJEo7HezCIKbPscJFWYPtTitBXBSBN3hHWl8oi63qtsqRsswn5TGuNA-5SbY0Y-uCOLLmP_R6Op_qZm6S3INNFZzK9xxJnlNvzeIe1ckzpEphQwt2dNEQvZmWuM0YzNnFxA0zQfXuz9RQ_VuabyGbcMoJJa79nBMWmcmOPYo6HLTZHxfYijNNjltE_JCywekLk_KT93SF_guOFYZAgO_7IS3F1g4IrOfOynBd82kbzdpZToycS1-LYSlbk4g7L05A1V3BRBTx4r0fYIIIZ6cTUqjGSuUbGLtHFiZWzPsAgwIYI0ISQvQ93EwMSIQSO6u8V69HfkrTkxEBzfSTSgkjppD_8LwGMRxX-nJu1qTiOssnq6FHbkDFeGpe6hKxWvQpRt4EB-TWWpH8pSwgNTROhSBrHswAbqWejhfkUpZn6x24Jt_AN-Vv4NFefi6WV0Og6_QOaqIVfQg5sQUwjNgt6MLrCan5fICyMsV70yS5wfAml7tUgoE6PstsQZqo1atWxjVbVjDtwpDLT0Q4&cid=CAASEuRoAX4XiIwk3y65pDumITzdTg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b429438dd63082fea235b371b0f0fa5af218416317bbeecfeda2786e581d1e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34780
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 994F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CaEr4bYy5CtN5VDUaQ3HKb3ATpdZEP5pQhW1igRp1AaymfWT6lvI5jn8bLkZtE_pfYcpeF0EjLhAJocuDWubdHw00Rh5aaCYuA0tSj_Epv6CEHleI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 994F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 07:43:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 994F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 07:48:20 GMT
l
www.google.com/ads/measurement/ Frame 994F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrLO7AkfKUWhQUOxpo5HFZ3f1CwQFOKBaoTwdWz3dr4XOurOz3W55FYyZANFoVIKmyCvQRtsvaKpWYw4j3dYZsfrS3yw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 994F 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 08:12:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E6A6 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNUf3UyAhzDg34JW07gWXSmePpy7WCb0pET71veHNcIgHDZ93sW4fqyp2plyEEpHC-aKAw21q3cbtPtQzqZSuLh8UjCDmBdKQpMwFS59adlhvmD1Bfx3OM2IZmoDUGjKzEarUq6h4W0je_O8kPUO56ygcSP7WHt6-0NVhTtGIA_KseGlQD8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 994F 		69 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEdXd67ubtICRjSyEd5yNA477mkAEm1I1AfgVbDY0jxmTdtIARPgGmEAHsSOSIM_FOFqsIlY-xIloXDiSEJ3iA1eQeGuW-Gyv0GuHxCs4tv5WO9Y8TnsJ8qcm2WuvtfvYOV-0N0hwGXNrdYw2iUdpgDY7ih9J1Fm5O__xaGibku8E00b4&cry=1&dbm_d=AKAmf-BRyXQcvbFznyQo67rj7cEqR-80JyKszLtALIneyrmwumQFh0CHmoc3mNlxGnYHoQ845sgK5XQR6aBVd-MetGwngpWoqPRNDzKratcyloXejjT1YQs_cBL56C8UkG3zyd-KMl_vX6dSizdgf3LyZjenp64bqwvze18yeEp8xH_nSx3Ysx7zVWkRarnH2vaZFChj5ae7LQoyZqnW3S1qS6urp6F973wh0FE4yuMLfjnq9Nx7sBf-KDdaqde6Rk8AOKCJT2HJonOAx9uT-VTDlm68Z1Vlc7WWuPIuBI4qhRtEz5y0NOhKsiNs6o7Ao7X8HrnxKRWp2Wr4MFyntBTDUW3Gb2zBxA-1D3zRX1f1QoRY3JAQZ91q892wpa3N0uNtoaGxYe2r1LJixRY_KhwhHKQigqSDS4ILKZBNopg4rydDiHqhLoBoMFJi8VVM6GJd_-Amz3HuCsfu4YauZhYV_FkYofiHdhPCcal549tq2gV5et3PQtKi9rEwd6TdSRUBHTYE4Cw2R0MXLv7kyIXB0cQeWacIs4w5h5e2S4bBh2nRxBYwc4z8TyrncCAqzcFWihbEPeAOBR9V-uF4TiY2ZK9Ms5yHm3sJObgqbqXndbXNNqUV8s2CzJSO7nWCCpZuj72Yvte24MtwZikntjoheB4--wQSB3SN-q7-bBWWkQElj6pGgd48XUb3O-xLeVX7tc-42fzuFMZZXo2DnCs988qJqKf84wur__edE_pe8VMGMembcAuHmABnXUDLyUxsh55kuJX-7FD5jO8ZTal8N_DBDkyG56ap-rIfJ_CBi036k5At7kpG8L21reD8Iz0-CgSIf-IzKVnXQla0XIPFAk6GOXpx0U2LEYcRtyNIgIT-R54q2KDi_WywzozAV3ZYKaHDCsGk1vwkey-D7PkprzkqyUA-p15hSN4A8aax-tXn3-4LY5WlAPNlBF3Ra_qqN_ea6b5EJY0R5qzsAVahcGr1Ax91sCRLngo7u8aGj3pXXYSOhzzbWO4m8eFlKl0sszTEp2vU-lyp5dGy49oqQayNur_MvtFiYwNMjN2l7FD-zipw7CIf6eEOod_7lqHilPv-zGn1GDtbeNqorlujAxQQMgeTEv3hoZZXf7OoNcWICDSfyWdWTzooMeCWkSYy2eRnyEvEyg_THGndr3LqWZhh8NoNOJtVyajhEDLQCV7sagKNTPpNANpInGQoP9UW9VVqhlz2J3K1Yvgxmw00j3zcS0tcdCWpopjFmIoGTutesvRLD_lt796LdLxSU2Zr6xj818prZ9LA00tGNwm5mdtHWks3wX-xUNzmLS-zlRcaX4flmteJXRNrHSfQtG7_oGvItX25HRfHH5txdHm0fTqKlDO7SctBgxY4XtPPqARU5TVshDtuco3H4hueJl20zKjr-4xNJy97wkbZ8S01cS5_e0lslSXehgbN_apMsu1z3JLMbfe5LuwMyFIF6hSb-HioopDUcXknPG8SdC9BJpSTkUehB066c_ceqgicDRYhciVnSqjB7ZvsZYJ-l7Nd66CwhHSYSR6ljjhuV-yUBfzs2cVrlO0jLNRKNN9N_sXvHaNH-AsjhC2RUkkRhgJzthYCvFZO7GwJ5HsiLg1IUYhyttHt8vumOolpUj6NVDcVHZqYO6Hpe1kuvDpZK1ZRsfG1nh1NWYpFJNPYwiw-pmOi5PDoPpIURgUOcrgMmYxVwjWmUyvC3g1i6BC1D6JEAQdpjUvuGcGALS8q3K4lyb7vYNep1_h9uu55-ttqm_Sohn3aAmqpNh2xAF2IN7odJPXb1wHQGUUbxOY-_G2i0dyLahL7Xkl6pS9T4P9TSKrdNlbpENqkUN-PWVK-rGxV8no1cTHdix0Y9ZM0czRBOearxqkbiBtCJeR9F5MsFwJAAopbAeCqpeBh8PkThaGwdI6wjvH-RvEKX6NAdPxYri4HWPC9qP6hGpEDqMcbkqFB_ReqmTJsmPmNvBYyQcWE9GVDthUZc-xpkIVBt9-pr9dLwkn-K-b7hTcVj1sknYZ4aIaWXnqFa7xrMOV5Onyddt4ook9seJk-nZQz4vz7VjG5OuEmewdzZVM_TRfS44W_Gg9VKNlcBYkNASAMzYMsTdEf8a5U-GNF-XPE1rwdIsQNLNg9g74tXiZWv0dbpF3Jiy1_zRaM0lhAJQEiEoxI5L78pySeAkpVLGf8HR92CtAudODFdNnM5UXydHtWDQ_oTM1oJHCzFUVhAofoV2gSwlki9nfwvCDRXQ69QDKflCxC7SnvAKkP8QErokDOsTdv6gEYl-o-gDF1muv6TK-YLclqNcsbI531OlzrjUwz6B26nACywYHIFZdnI-_w8YgYUoAeg9EQH4lx63etrmr9DK3TF0ExrJaqN0HL0Ad7NXUAvqOGZ99OJm-s3dspk8EpYX9AboF11z17Ss0bmujWb8dPQmh1XIBPehKvIo6P_9HCkD23bRrqYLix1E0DfLi2_0RMha0zcw1JiBLSuG-fJfmO-TSqegMkrCVxzmA8NhI-wjRt23NuFFA8vfOPEYPw9ZXVxqwqnPyI2zoDZO5nC4auH-I1YjFJ_soDofj1lsAlsFPt0_Hb2tY9daMBDLi3KZOKTeIWhLWNsiDQ7e3Js3LF0yZ98cN_Gd5mVnvIjakf2U3esxTkvvVOTbe7-M57eZCgRl2IegWMIJDqH7w6H1t5Acho5W0s3p0tdraxij5BoABb1LfrhMjKRBk2vHs9bA_40ElvB5b4OBXOvQ17RuGF3c2bqQetyVDx7DIr1VbsjgNE207Y2-6ixNYdoHHLuD0bXsbzVMGTp0NZS7xvRthEizPpE2meUfZxC7iSfWZ9-u6IMtVan63PdXh3Mvyy4RHC-7Ko_J4l2mxA-PQVwgP4Lj4oIudaXWwdQ0UgGIFQfpHY6ggwjWEeCl-5M_3AcyNM9FnFqpbHMnRxuyaH7JkxHxFQ31QV-NGz9dIINBaeyvMWFuU3_06tOuWqO5miwfGIPfjqMTS2yqNI5d27R74H7rMw20p79NqJ7ECPwbFKu7WVNkUe7lkEdyDkLLb54PMxhzUJUiBykdqUFSYchjBuGvcCOXVOwqw5I9PWPG5Xn_CSIKq7uqp-D3Ui1moggxxL2ioIIPeobeOTQSckRre1Zk_ej_Z7ev7wDYQDPvb9YQdzBzBMbDEcRAEGQ1g7BJW-sn7PalBPKA-8c583Qa0SKxmoDkRRHTOH6B-8TadlTgCVhoDkiHqmBYUS0TZ3uEMqUtJ1tgLRzfkuSBXFaB4uKoas&cid=CAASEuRotTIcHyyEhgh7P8MzF0ukRg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
382baa8521cea4159a4e7f534e6147d15f51b8186157ab8904285c118418b60b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32895
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E6A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1&C=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNUf3UyAhzDg34JW07gWXSmePpy7WCb0pET71veHNcIgHDZ93sW4fqyp2plyEEpHC-aKAw21q3cbtPtQzqZSuLh8UjCDmBdKQpMwFS59adlhvmD1Bfx3OM2IZmoDUGjKzEarUq6h4W0je_O8kPUO56ygcSP7WHt6-0NVhTtGIA_KseGlQD8
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9WTFBMJL%2BSW6yhupBe0c7XUlLmLXU3QrvvGwUclAa%2B3KrEZOxKQPzmzo6VzJFggbNIgUijVzwczz%2BHEzL2FPLvjCrawiEOH1MEn3dod6BDoDtmlkK%2Ftmk9D%2BjEd6q3BGpyGMtCRXHNDKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
752b7e509f319b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=my5TKprQYEOmrYX5I4Hpzb7uzVVv2P2Ld1M3WKFlTgG%2B525Wj1JgLQZVLUnqaEC5PSSvJXxGX%2FpV2zfOsytihAY7tVaUJPBLNKPgIBQaH1mqRr0ZS09gw75dkzs4HCHoXtZW4%2F0gbsk8Og%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1&C=1
cache-control
no-cache
cf-ray
752b7e5018e0904c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame E6A6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yzak6Cr5vkJRVBzHhc-wEwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNUf3UyAhzDg34JW07gWXSmePpy7WCb0pET71veHNcIgHDZ93sW4fqyp2plyEEpHC-aKAw21q3cbtPtQzqZSuLh8UjCDmBdKQpMwFS59adlhvmD1Bfx3OM2IZmoDUGjKzEarUq6h4W0je_O8kPUO56ygcSP7WHt6-0NVhTtGIA_KseGlQD8
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUu2BPwlKIvbk0ZTSuT3vmew%2BWkidLHIb%2Ff1wMFN1U3p0CkYiKpZxlKw%2BIWEPwheTb6k%2FM5%2F2Ap8XL1%2BdRFUj2qtasGx4DEQVbJSg7wYlL4%2BENEivrOOV9m5ilK23%2BNc72c71zoZdw%2Bfpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
752b7e5159649b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame E6A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeq3fOZL9Jq6eTZdOaH6-E&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELeq3fOZL9Jq6eTZdOaH6-E%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELeq3fOZL9Jq6eTZdOaH6-E%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNUf3UyAhzDg34JW07gWXSmePpy7WCb0pET71veHNcIgHDZ93sW4fqyp2plyEEpHC-aKAw21q3cbtPtQzqZSuLh8UjCDmBdKQpMwFS59adlhvmD1Bfx3OM2IZmoDUGjKzEarUq6h4W0je_O8kPUO56ygcSP7WHt6-0NVhTtGIA_KseGlQD8
Protocol
HTTP/1.1
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Sep 2022 08:12:25 GMT
AN-X-Request-Uuid
b2ad71bc-80bf-4fc9-9061-9c2eaf11c14c
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Sep 2022 08:12:24 GMT
AN-X-Request-Uuid
656fe756-1e84-4432-b4bd-28f061e77ce0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELeq3fOZL9Jq6eTZdOaH6-E%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E6A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2NzA2MTk5MTU1MzczNjE2NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2NzA2MTk5MTU1MzczNjE2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNUf3UyAhzDg34JW07gWXSmePpy7WCb0pET71veHNcIgHDZ93sW4fqyp2plyEEpHC-aKAw21q3cbtPtQzqZSuLh8UjCDmBdKQpMwFS59adlhvmD1Bfx3OM2IZmoDUGjKzEarUq6h4W0je_O8kPUO56ygcSP7WHt6-0NVhTtGIA_KseGlQD8
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Sep 2022 08:12:25 GMT
AN-X-Request-Uuid
bdcfc4cb-00e4-4bf7-b79d-0be8a4fab190
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2NzA2MTk5MTU1MzczNjE2NQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B39A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1&C=1
43 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWBO2VSf9bVjseWjE_CAlpVqmn670rCI1mL37hiX3vTs4Q3kxUBA40Ok9Xg0e3J6VuFWJ33HIoVQLDsxNANV0HrIqKwEOaifkYNm1pUN5uS1whWxLLQvySAufVTmvJse8k9IVXj4k5tX1HzMqLbt4YLdYD8cBq6TF4A71LthkM226447qM
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi3Fma3dn7gdzcSE0juqCqwEXFQ6KnSghffZ8uRspzvFRR2i3WjvCvfhAkdDCz%2B7HNvryh8%2Frko%2Bw%2BXFfsj2kB5oeRuxhONGpoDtXAWkRBzAfpkK4zv9UyTaTxuQROOjlBg8y2yM%2F1Qc%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
752b7e509f2b9b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vucJrEErHWIW%2BK6qZ3JxxrO16dYLnZ8%2FcqB%2BMhE3ASrkEbw29ost5POe2TFHk30NGWDOVnz9ewezHwNsaaA9jnRYkjlahlDTbqu1j%2BBmvnsW58LM%2B%2BIv4HO7UL3SrK1cQH7KLMdd%2F2d%2BuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1&C=1
cache-control
no-cache
cf-ray
752b7e5018e4904c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame B39A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yzak6Cr5vkJRVBzHhc-wEwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWBO2VSf9bVjseWjE_CAlpVqmn670rCI1mL37hiX3vTs4Q3kxUBA40Ok9Xg0e3J6VuFWJ33HIoVQLDsxNANV0HrIqKwEOaifkYNm1pUN5uS1whWxLLQvySAufVTmvJse8k9IVXj4k5tX1HzMqLbt4YLdYD8cBq6TF4A71LthkM226447qM
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZZHoe4%2FATpUG5Z6zgpykqPDpgvfFpA4bg9MkqQQ7XljZVXwwseVWpdJiUDmswLyZcfu%2Bqwkd3UZxMKwQrS8hguw1kXi5E2gNqYX0TDKD6msl30hQh1Jph%2FleysGSUZVdqP1gEE25kMEYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
752b7e5138db9b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeTiW485ki0BPQxSoYhk20&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame B39A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeq3fOZL9Jq6eTZdOaH6-E&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELeq3fOZL9Jq6eTZdOaH6-E%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELeq3fOZL9Jq6eTZdOaH6-E%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWBO2VSf9bVjseWjE_CAlpVqmn670rCI1mL37hiX3vTs4Q3kxUBA40Ok9Xg0e3J6VuFWJ33HIoVQLDsxNANV0HrIqKwEOaifkYNm1pUN5uS1whWxLLQvySAufVTmvJse8k9IVXj4k5tX1HzMqLbt4YLdYD8cBq6TF4A71LthkM226447qM
Protocol
HTTP/1.1
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Sep 2022 08:12:25 GMT
AN-X-Request-Uuid
75a3a4f4-2383-4702-af36-668c7d788751
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Sep 2022 08:12:25 GMT
AN-X-Request-Uuid
0560ffa9-1324-4eb9-8db7-4a1d6c125e2a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELeq3fOZL9Jq6eTZdOaH6-E%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B39A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2NzA2MTk5MTU1MzczNjE2NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2NzA2MTk5MTU1MzczNjE2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWBO2VSf9bVjseWjE_CAlpVqmn670rCI1mL37hiX3vTs4Q3kxUBA40Ok9Xg0e3J6VuFWJ33HIoVQLDsxNANV0HrIqKwEOaifkYNm1pUN5uS1whWxLLQvySAufVTmvJse8k9IVXj4k5tX1HzMqLbt4YLdYD8cBq6TF4A71LthkM226447qM
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Sep 2022 08:12:25 GMT
AN-X-Request-Uuid
ebd0d0cb-3f91-48da-80d4-4fef20c8fe23
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2NzA2MTk5MTU1MzczNjE2NQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 994F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEdXd67ubtICRjSyEd5yNA477mkAEm1I1AfgVbDY0jxmTdtIARPgGmEAHsSOSIM_FOFqsIlY-xIloXDiSEJ3iA1eQeGuW-Gyv0GuHxCs4tv5WO9Y8TnsJ8qcm2WuvtfvYOV-0N0hwGXNrdYw2iUdpgDY7ih9J1Fm5O__xaGibku8E00b4&cry=1&dbm_d=AKAmf-BRyXQcvbFznyQo67rj7cEqR-80JyKszLtALIneyrmwumQFh0CHmoc3mNlxGnYHoQ845sgK5XQR6aBVd-MetGwngpWoqPRNDzKratcyloXejjT1YQs_cBL56C8UkG3zyd-KMl_vX6dSizdgf3LyZjenp64bqwvze18yeEp8xH_nSx3Ysx7zVWkRarnH2vaZFChj5ae7LQoyZqnW3S1qS6urp6F973wh0FE4yuMLfjnq9Nx7sBf-KDdaqde6Rk8AOKCJT2HJonOAx9uT-VTDlm68Z1Vlc7WWuPIuBI4qhRtEz5y0NOhKsiNs6o7Ao7X8HrnxKRWp2Wr4MFyntBTDUW3Gb2zBxA-1D3zRX1f1QoRY3JAQZ91q892wpa3N0uNtoaGxYe2r1LJixRY_KhwhHKQigqSDS4ILKZBNopg4rydDiHqhLoBoMFJi8VVM6GJd_-Amz3HuCsfu4YauZhYV_FkYofiHdhPCcal549tq2gV5et3PQtKi9rEwd6TdSRUBHTYE4Cw2R0MXLv7kyIXB0cQeWacIs4w5h5e2S4bBh2nRxBYwc4z8TyrncCAqzcFWihbEPeAOBR9V-uF4TiY2ZK9Ms5yHm3sJObgqbqXndbXNNqUV8s2CzJSO7nWCCpZuj72Yvte24MtwZikntjoheB4--wQSB3SN-q7-bBWWkQElj6pGgd48XUb3O-xLeVX7tc-42fzuFMZZXo2DnCs988qJqKf84wur__edE_pe8VMGMembcAuHmABnXUDLyUxsh55kuJX-7FD5jO8ZTal8N_DBDkyG56ap-rIfJ_CBi036k5At7kpG8L21reD8Iz0-CgSIf-IzKVnXQla0XIPFAk6GOXpx0U2LEYcRtyNIgIT-R54q2KDi_WywzozAV3ZYKaHDCsGk1vwkey-D7PkprzkqyUA-p15hSN4A8aax-tXn3-4LY5WlAPNlBF3Ra_qqN_ea6b5EJY0R5qzsAVahcGr1Ax91sCRLngo7u8aGj3pXXYSOhzzbWO4m8eFlKl0sszTEp2vU-lyp5dGy49oqQayNur_MvtFiYwNMjN2l7FD-zipw7CIf6eEOod_7lqHilPv-zGn1GDtbeNqorlujAxQQMgeTEv3hoZZXf7OoNcWICDSfyWdWTzooMeCWkSYy2eRnyEvEyg_THGndr3LqWZhh8NoNOJtVyajhEDLQCV7sagKNTPpNANpInGQoP9UW9VVqhlz2J3K1Yvgxmw00j3zcS0tcdCWpopjFmIoGTutesvRLD_lt796LdLxSU2Zr6xj818prZ9LA00tGNwm5mdtHWks3wX-xUNzmLS-zlRcaX4flmteJXRNrHSfQtG7_oGvItX25HRfHH5txdHm0fTqKlDO7SctBgxY4XtPPqARU5TVshDtuco3H4hueJl20zKjr-4xNJy97wkbZ8S01cS5_e0lslSXehgbN_apMsu1z3JLMbfe5LuwMyFIF6hSb-HioopDUcXknPG8SdC9BJpSTkUehB066c_ceqgicDRYhciVnSqjB7ZvsZYJ-l7Nd66CwhHSYSR6ljjhuV-yUBfzs2cVrlO0jLNRKNN9N_sXvHaNH-AsjhC2RUkkRhgJzthYCvFZO7GwJ5HsiLg1IUYhyttHt8vumOolpUj6NVDcVHZqYO6Hpe1kuvDpZK1ZRsfG1nh1NWYpFJNPYwiw-pmOi5PDoPpIURgUOcrgMmYxVwjWmUyvC3g1i6BC1D6JEAQdpjUvuGcGALS8q3K4lyb7vYNep1_h9uu55-ttqm_Sohn3aAmqpNh2xAF2IN7odJPXb1wHQGUUbxOY-_G2i0dyLahL7Xkl6pS9T4P9TSKrdNlbpENqkUN-PWVK-rGxV8no1cTHdix0Y9ZM0czRBOearxqkbiBtCJeR9F5MsFwJAAopbAeCqpeBh8PkThaGwdI6wjvH-RvEKX6NAdPxYri4HWPC9qP6hGpEDqMcbkqFB_ReqmTJsmPmNvBYyQcWE9GVDthUZc-xpkIVBt9-pr9dLwkn-K-b7hTcVj1sknYZ4aIaWXnqFa7xrMOV5Onyddt4ook9seJk-nZQz4vz7VjG5OuEmewdzZVM_TRfS44W_Gg9VKNlcBYkNASAMzYMsTdEf8a5U-GNF-XPE1rwdIsQNLNg9g74tXiZWv0dbpF3Jiy1_zRaM0lhAJQEiEoxI5L78pySeAkpVLGf8HR92CtAudODFdNnM5UXydHtWDQ_oTM1oJHCzFUVhAofoV2gSwlki9nfwvCDRXQ69QDKflCxC7SnvAKkP8QErokDOsTdv6gEYl-o-gDF1muv6TK-YLclqNcsbI531OlzrjUwz6B26nACywYHIFZdnI-_w8YgYUoAeg9EQH4lx63etrmr9DK3TF0ExrJaqN0HL0Ad7NXUAvqOGZ99OJm-s3dspk8EpYX9AboF11z17Ss0bmujWb8dPQmh1XIBPehKvIo6P_9HCkD23bRrqYLix1E0DfLi2_0RMha0zcw1JiBLSuG-fJfmO-TSqegMkrCVxzmA8NhI-wjRt23NuFFA8vfOPEYPw9ZXVxqwqnPyI2zoDZO5nC4auH-I1YjFJ_soDofj1lsAlsFPt0_Hb2tY9daMBDLi3KZOKTeIWhLWNsiDQ7e3Js3LF0yZ98cN_Gd5mVnvIjakf2U3esxTkvvVOTbe7-M57eZCgRl2IegWMIJDqH7w6H1t5Acho5W0s3p0tdraxij5BoABb1LfrhMjKRBk2vHs9bA_40ElvB5b4OBXOvQ17RuGF3c2bqQetyVDx7DIr1VbsjgNE207Y2-6ixNYdoHHLuD0bXsbzVMGTp0NZS7xvRthEizPpE2meUfZxC7iSfWZ9-u6IMtVan63PdXh3Mvyy4RHC-7Ko_J4l2mxA-PQVwgP4Lj4oIudaXWwdQ0UgGIFQfpHY6ggwjWEeCl-5M_3AcyNM9FnFqpbHMnRxuyaH7JkxHxFQ31QV-NGz9dIINBaeyvMWFuU3_06tOuWqO5miwfGIPfjqMTS2yqNI5d27R74H7rMw20p79NqJ7ECPwbFKu7WVNkUe7lkEdyDkLLb54PMxhzUJUiBykdqUFSYchjBuGvcCOXVOwqw5I9PWPG5Xn_CSIKq7uqp-D3Ui1moggxxL2ioIIPeobeOTQSckRre1Zk_ej_Z7ev7wDYQDPvb9YQdzBzBMbDEcRAEGQ1g7BJW-sn7PalBPKA-8c583Qa0SKxmoDkRRHTOH6B-8TadlTgCVhoDkiHqmBYUS0TZ3uEMqUtJ1tgLRzfkuSBXFaB4uKoas&cid=CAASEuRotTIcHyyEhgh7P8MzF0ukRg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11727
x-xss-protection
0
server
cafe
etag
4188671789125589074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 08:01:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 994F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEdXd67ubtICRjSyEd5yNA477mkAEm1I1AfgVbDY0jxmTdtIARPgGmEAHsSOSIM_FOFqsIlY-xIloXDiSEJ3iA1eQeGuW-Gyv0GuHxCs4tv5WO9Y8TnsJ8qcm2WuvtfvYOV-0N0hwGXNrdYw2iUdpgDY7ih9J1Fm5O__xaGibku8E00b4&cry=1&dbm_d=AKAmf-BRyXQcvbFznyQo67rj7cEqR-80JyKszLtALIneyrmwumQFh0CHmoc3mNlxGnYHoQ845sgK5XQR6aBVd-MetGwngpWoqPRNDzKratcyloXejjT1YQs_cBL56C8UkG3zyd-KMl_vX6dSizdgf3LyZjenp64bqwvze18yeEp8xH_nSx3Ysx7zVWkRarnH2vaZFChj5ae7LQoyZqnW3S1qS6urp6F973wh0FE4yuMLfjnq9Nx7sBf-KDdaqde6Rk8AOKCJT2HJonOAx9uT-VTDlm68Z1Vlc7WWuPIuBI4qhRtEz5y0NOhKsiNs6o7Ao7X8HrnxKRWp2Wr4MFyntBTDUW3Gb2zBxA-1D3zRX1f1QoRY3JAQZ91q892wpa3N0uNtoaGxYe2r1LJixRY_KhwhHKQigqSDS4ILKZBNopg4rydDiHqhLoBoMFJi8VVM6GJd_-Amz3HuCsfu4YauZhYV_FkYofiHdhPCcal549tq2gV5et3PQtKi9rEwd6TdSRUBHTYE4Cw2R0MXLv7kyIXB0cQeWacIs4w5h5e2S4bBh2nRxBYwc4z8TyrncCAqzcFWihbEPeAOBR9V-uF4TiY2ZK9Ms5yHm3sJObgqbqXndbXNNqUV8s2CzJSO7nWCCpZuj72Yvte24MtwZikntjoheB4--wQSB3SN-q7-bBWWkQElj6pGgd48XUb3O-xLeVX7tc-42fzuFMZZXo2DnCs988qJqKf84wur__edE_pe8VMGMembcAuHmABnXUDLyUxsh55kuJX-7FD5jO8ZTal8N_DBDkyG56ap-rIfJ_CBi036k5At7kpG8L21reD8Iz0-CgSIf-IzKVnXQla0XIPFAk6GOXpx0U2LEYcRtyNIgIT-R54q2KDi_WywzozAV3ZYKaHDCsGk1vwkey-D7PkprzkqyUA-p15hSN4A8aax-tXn3-4LY5WlAPNlBF3Ra_qqN_ea6b5EJY0R5qzsAVahcGr1Ax91sCRLngo7u8aGj3pXXYSOhzzbWO4m8eFlKl0sszTEp2vU-lyp5dGy49oqQayNur_MvtFiYwNMjN2l7FD-zipw7CIf6eEOod_7lqHilPv-zGn1GDtbeNqorlujAxQQMgeTEv3hoZZXf7OoNcWICDSfyWdWTzooMeCWkSYy2eRnyEvEyg_THGndr3LqWZhh8NoNOJtVyajhEDLQCV7sagKNTPpNANpInGQoP9UW9VVqhlz2J3K1Yvgxmw00j3zcS0tcdCWpopjFmIoGTutesvRLD_lt796LdLxSU2Zr6xj818prZ9LA00tGNwm5mdtHWks3wX-xUNzmLS-zlRcaX4flmteJXRNrHSfQtG7_oGvItX25HRfHH5txdHm0fTqKlDO7SctBgxY4XtPPqARU5TVshDtuco3H4hueJl20zKjr-4xNJy97wkbZ8S01cS5_e0lslSXehgbN_apMsu1z3JLMbfe5LuwMyFIF6hSb-HioopDUcXknPG8SdC9BJpSTkUehB066c_ceqgicDRYhciVnSqjB7ZvsZYJ-l7Nd66CwhHSYSR6ljjhuV-yUBfzs2cVrlO0jLNRKNN9N_sXvHaNH-AsjhC2RUkkRhgJzthYCvFZO7GwJ5HsiLg1IUYhyttHt8vumOolpUj6NVDcVHZqYO6Hpe1kuvDpZK1ZRsfG1nh1NWYpFJNPYwiw-pmOi5PDoPpIURgUOcrgMmYxVwjWmUyvC3g1i6BC1D6JEAQdpjUvuGcGALS8q3K4lyb7vYNep1_h9uu55-ttqm_Sohn3aAmqpNh2xAF2IN7odJPXb1wHQGUUbxOY-_G2i0dyLahL7Xkl6pS9T4P9TSKrdNlbpENqkUN-PWVK-rGxV8no1cTHdix0Y9ZM0czRBOearxqkbiBtCJeR9F5MsFwJAAopbAeCqpeBh8PkThaGwdI6wjvH-RvEKX6NAdPxYri4HWPC9qP6hGpEDqMcbkqFB_ReqmTJsmPmNvBYyQcWE9GVDthUZc-xpkIVBt9-pr9dLwkn-K-b7hTcVj1sknYZ4aIaWXnqFa7xrMOV5Onyddt4ook9seJk-nZQz4vz7VjG5OuEmewdzZVM_TRfS44W_Gg9VKNlcBYkNASAMzYMsTdEf8a5U-GNF-XPE1rwdIsQNLNg9g74tXiZWv0dbpF3Jiy1_zRaM0lhAJQEiEoxI5L78pySeAkpVLGf8HR92CtAudODFdNnM5UXydHtWDQ_oTM1oJHCzFUVhAofoV2gSwlki9nfwvCDRXQ69QDKflCxC7SnvAKkP8QErokDOsTdv6gEYl-o-gDF1muv6TK-YLclqNcsbI531OlzrjUwz6B26nACywYHIFZdnI-_w8YgYUoAeg9EQH4lx63etrmr9DK3TF0ExrJaqN0HL0Ad7NXUAvqOGZ99OJm-s3dspk8EpYX9AboF11z17Ss0bmujWb8dPQmh1XIBPehKvIo6P_9HCkD23bRrqYLix1E0DfLi2_0RMha0zcw1JiBLSuG-fJfmO-TSqegMkrCVxzmA8NhI-wjRt23NuFFA8vfOPEYPw9ZXVxqwqnPyI2zoDZO5nC4auH-I1YjFJ_soDofj1lsAlsFPt0_Hb2tY9daMBDLi3KZOKTeIWhLWNsiDQ7e3Js3LF0yZ98cN_Gd5mVnvIjakf2U3esxTkvvVOTbe7-M57eZCgRl2IegWMIJDqH7w6H1t5Acho5W0s3p0tdraxij5BoABb1LfrhMjKRBk2vHs9bA_40ElvB5b4OBXOvQ17RuGF3c2bqQetyVDx7DIr1VbsjgNE207Y2-6ixNYdoHHLuD0bXsbzVMGTp0NZS7xvRthEizPpE2meUfZxC7iSfWZ9-u6IMtVan63PdXh3Mvyy4RHC-7Ko_J4l2mxA-PQVwgP4Lj4oIudaXWwdQ0UgGIFQfpHY6ggwjWEeCl-5M_3AcyNM9FnFqpbHMnRxuyaH7JkxHxFQ31QV-NGz9dIINBaeyvMWFuU3_06tOuWqO5miwfGIPfjqMTS2yqNI5d27R74H7rMw20p79NqJ7ECPwbFKu7WVNkUe7lkEdyDkLLb54PMxhzUJUiBykdqUFSYchjBuGvcCOXVOwqw5I9PWPG5Xn_CSIKq7uqp-D3Ui1moggxxL2ioIIPeobeOTQSckRre1Zk_ej_Z7ev7wDYQDPvb9YQdzBzBMbDEcRAEGQ1g7BJW-sn7PalBPKA-8c583Qa0SKxmoDkRRHTOH6B-8TadlTgCVhoDkiHqmBYUS0TZ3uEMqUtJ1tgLRzfkuSBXFaB4uKoas&cid=CAASEuRotTIcHyyEhgh7P8MzF0ukRg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 07:58:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 994F 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLxO4_K7PKMGWdYmXMGGOrGGFSLrFx3lHYTEaRp7eapCFs4ZQsGVdUHI9taPJ4EUmr-tlwennjGyh3D5iTibGzXnhElD9yW1jC-Tibh1yKbciXkj_C9l0I6aULvx-4w3qZxhdt-aaLSOnYPbOKWfZsrDAR2-PU7AUGEYPc_nOaPX2F3ppYGhWd7nWAd-DgZG8a3TGpsE6s6fgLQpYc9FF6Z61eVSPqaPENRN7wzgO8yJUtR_P9A_7ZYA7BVm88TASjKmUhBldi4LZiVKGB5pHjtzNz1XwIeHZVUgSNjaEXxe4W8pIuGzT8JIPDgeTj7DPAqNqjZYrGQPqnDGG52FWeKoVz7vwx8qmw0Oegn3yn2oRfuuwj5Rj94zkZWe-I1CtBSMzNVkF_EZeKNHtZu_jYEvb6wiwtSswrmFK-BNz4NAI_QGaapxZmzm4idCiKSnvayNM5r8j6zoLrVY1ju26dL-RV4PJHj2NzoeT9VqWN8GNv9_V9mbFqAmmNy-slHrrvk8JwVT15a89wifXBcKzm6HwCygErFigwCn88y_8p7xLTXjBMpe98WEAzsFgJNlblmxtxsFKgfJMm0YnSnI1QurL1i1B7tZb6J4AGO1lVFrrsM4_w-t4mPsTOpL8uQGzXmStwwDUh375nULxPTcU7Bg3iDBw4X4nToF_9omCwkxg4mZM4ljPO6_XeFIu2AfHQlIJq50yVhLO4c_YZl5Zz8R1VMCqfTUiJlvGq1LYJ8RePb-qZc0p68R6y3CV8POSJNgGzMnUU9UqQKF1_yUramCYcUgXvHXOGtHaqJ56Nko111Oq8gQ4jJ2U8C2GgdxSfHWJKeE40DBJA6aULFzBu7fTiKuedvChrph4zeytkiSVTrGPVSpe10R3F58CfJI1z0Kgm8mICYSWFmC7XMp-WMhLxsSymVxmhXV3fdmo4H1PWvk18wLi_KpIsheayWmydynDnpMaJcVYtBBsAMNZtpaa6Cit5icCahvWiT2tlc-1kggKrzqBC7uBKNUJR95N7nX2Iqs2ocfQCIXSlicfzrYJc27-41gt-vnodyG7Hh5bZSviixilbpujzTRszBim2YftzT_uZ584_L2sRcilIZf3znCTflnPrDZzRtKD46DQCyHh3PV0nGtAnAk3WIPrTft_XePOE4traoFE_Oqky-cJxephfAcLBrSY3GKnH_lYBi_0-5eV4RtVokMz2CKXY&sai=AMfl-YT1H1nRfrQNC_GCArmb3EQULH17iT6nAEGKgt0eJW9aZSGfiF3Adyq-EGRmlIlnuCRnNEURrP3IdkfqUkjaJLLLkQEV0WrImeK9GU_wOcc_HyVsooKsfeMGrUTcto7lksfMm-JndmpfrzAhmevVc6-4CwlDuYieZcLc61ulm_0YERHRjkmy0sIk&sig=Cg0ArKJSzAaZZBRbcraLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220928.60747&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEdXd67ubtICRjSyEd5yNA477mkAEm1I1AfgVbDY0jxmTdtIARPgGmEAHsSOSIM_FOFqsIlY-xIloXDiSEJ3iA1eQeGuW-Gyv0GuHxCs4tv5WO9Y8TnsJ8qcm2WuvtfvYOV-0N0hwGXNrdYw2iUdpgDY7ih9J1Fm5O__xaGibku8E00b4&cry=1&dbm_d=AKAmf-BRyXQcvbFznyQo67rj7cEqR-80JyKszLtALIneyrmwumQFh0CHmoc3mNlxGnYHoQ845sgK5XQR6aBVd-MetGwngpWoqPRNDzKratcyloXejjT1YQs_cBL56C8UkG3zyd-KMl_vX6dSizdgf3LyZjenp64bqwvze18yeEp8xH_nSx3Ysx7zVWkRarnH2vaZFChj5ae7LQoyZqnW3S1qS6urp6F973wh0FE4yuMLfjnq9Nx7sBf-KDdaqde6Rk8AOKCJT2HJonOAx9uT-VTDlm68Z1Vlc7WWuPIuBI4qhRtEz5y0NOhKsiNs6o7Ao7X8HrnxKRWp2Wr4MFyntBTDUW3Gb2zBxA-1D3zRX1f1QoRY3JAQZ91q892wpa3N0uNtoaGxYe2r1LJixRY_KhwhHKQigqSDS4ILKZBNopg4rydDiHqhLoBoMFJi8VVM6GJd_-Amz3HuCsfu4YauZhYV_FkYofiHdhPCcal549tq2gV5et3PQtKi9rEwd6TdSRUBHTYE4Cw2R0MXLv7kyIXB0cQeWacIs4w5h5e2S4bBh2nRxBYwc4z8TyrncCAqzcFWihbEPeAOBR9V-uF4TiY2ZK9Ms5yHm3sJObgqbqXndbXNNqUV8s2CzJSO7nWCCpZuj72Yvte24MtwZikntjoheB4--wQSB3SN-q7-bBWWkQElj6pGgd48XUb3O-xLeVX7tc-42fzuFMZZXo2DnCs988qJqKf84wur__edE_pe8VMGMembcAuHmABnXUDLyUxsh55kuJX-7FD5jO8ZTal8N_DBDkyG56ap-rIfJ_CBi036k5At7kpG8L21reD8Iz0-CgSIf-IzKVnXQla0XIPFAk6GOXpx0U2LEYcRtyNIgIT-R54q2KDi_WywzozAV3ZYKaHDCsGk1vwkey-D7PkprzkqyUA-p15hSN4A8aax-tXn3-4LY5WlAPNlBF3Ra_qqN_ea6b5EJY0R5qzsAVahcGr1Ax91sCRLngo7u8aGj3pXXYSOhzzbWO4m8eFlKl0sszTEp2vU-lyp5dGy49oqQayNur_MvtFiYwNMjN2l7FD-zipw7CIf6eEOod_7lqHilPv-zGn1GDtbeNqorlujAxQQMgeTEv3hoZZXf7OoNcWICDSfyWdWTzooMeCWkSYy2eRnyEvEyg_THGndr3LqWZhh8NoNOJtVyajhEDLQCV7sagKNTPpNANpInGQoP9UW9VVqhlz2J3K1Yvgxmw00j3zcS0tcdCWpopjFmIoGTutesvRLD_lt796LdLxSU2Zr6xj818prZ9LA00tGNwm5mdtHWks3wX-xUNzmLS-zlRcaX4flmteJXRNrHSfQtG7_oGvItX25HRfHH5txdHm0fTqKlDO7SctBgxY4XtPPqARU5TVshDtuco3H4hueJl20zKjr-4xNJy97wkbZ8S01cS5_e0lslSXehgbN_apMsu1z3JLMbfe5LuwMyFIF6hSb-HioopDUcXknPG8SdC9BJpSTkUehB066c_ceqgicDRYhciVnSqjB7ZvsZYJ-l7Nd66CwhHSYSR6ljjhuV-yUBfzs2cVrlO0jLNRKNN9N_sXvHaNH-AsjhC2RUkkRhgJzthYCvFZO7GwJ5HsiLg1IUYhyttHt8vumOolpUj6NVDcVHZqYO6Hpe1kuvDpZK1ZRsfG1nh1NWYpFJNPYwiw-pmOi5PDoPpIURgUOcrgMmYxVwjWmUyvC3g1i6BC1D6JEAQdpjUvuGcGALS8q3K4lyb7vYNep1_h9uu55-ttqm_Sohn3aAmqpNh2xAF2IN7odJPXb1wHQGUUbxOY-_G2i0dyLahL7Xkl6pS9T4P9TSKrdNlbpENqkUN-PWVK-rGxV8no1cTHdix0Y9ZM0czRBOearxqkbiBtCJeR9F5MsFwJAAopbAeCqpeBh8PkThaGwdI6wjvH-RvEKX6NAdPxYri4HWPC9qP6hGpEDqMcbkqFB_ReqmTJsmPmNvBYyQcWE9GVDthUZc-xpkIVBt9-pr9dLwkn-K-b7hTcVj1sknYZ4aIaWXnqFa7xrMOV5Onyddt4ook9seJk-nZQz4vz7VjG5OuEmewdzZVM_TRfS44W_Gg9VKNlcBYkNASAMzYMsTdEf8a5U-GNF-XPE1rwdIsQNLNg9g74tXiZWv0dbpF3Jiy1_zRaM0lhAJQEiEoxI5L78pySeAkpVLGf8HR92CtAudODFdNnM5UXydHtWDQ_oTM1oJHCzFUVhAofoV2gSwlki9nfwvCDRXQ69QDKflCxC7SnvAKkP8QErokDOsTdv6gEYl-o-gDF1muv6TK-YLclqNcsbI531OlzrjUwz6B26nACywYHIFZdnI-_w8YgYUoAeg9EQH4lx63etrmr9DK3TF0ExrJaqN0HL0Ad7NXUAvqOGZ99OJm-s3dspk8EpYX9AboF11z17Ss0bmujWb8dPQmh1XIBPehKvIo6P_9HCkD23bRrqYLix1E0DfLi2_0RMha0zcw1JiBLSuG-fJfmO-TSqegMkrCVxzmA8NhI-wjRt23NuFFA8vfOPEYPw9ZXVxqwqnPyI2zoDZO5nC4auH-I1YjFJ_soDofj1lsAlsFPt0_Hb2tY9daMBDLi3KZOKTeIWhLWNsiDQ7e3Js3LF0yZ98cN_Gd5mVnvIjakf2U3esxTkvvVOTbe7-M57eZCgRl2IegWMIJDqH7w6H1t5Acho5W0s3p0tdraxij5BoABb1LfrhMjKRBk2vHs9bA_40ElvB5b4OBXOvQ17RuGF3c2bqQetyVDx7DIr1VbsjgNE207Y2-6ixNYdoHHLuD0bXsbzVMGTp0NZS7xvRthEizPpE2meUfZxC7iSfWZ9-u6IMtVan63PdXh3Mvyy4RHC-7Ko_J4l2mxA-PQVwgP4Lj4oIudaXWwdQ0UgGIFQfpHY6ggwjWEeCl-5M_3AcyNM9FnFqpbHMnRxuyaH7JkxHxFQ31QV-NGz9dIINBaeyvMWFuU3_06tOuWqO5miwfGIPfjqMTS2yqNI5d27R74H7rMw20p79NqJ7ECPwbFKu7WVNkUe7lkEdyDkLLb54PMxhzUJUiBykdqUFSYchjBuGvcCOXVOwqw5I9PWPG5Xn_CSIKq7uqp-D3Ui1moggxxL2ioIIPeobeOTQSckRre1Zk_ej_Z7ev7wDYQDPvb9YQdzBzBMbDEcRAEGQ1g7BJW-sn7PalBPKA-8c583Qa0SKxmoDkRRHTOH6B-8TadlTgCVhoDkiHqmBYUS0TZ3uEMqUtJ1tgLRzfkuSBXFaB4uKoas&cid=CAASEuRotTIcHyyEhgh7P8MzF0ukRg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 30 Sep 2022 08:12:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 994F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEdXd67ubtICRjSyEd5yNA477mkAEm1I1AfgVbDY0jxmTdtIARPgGmEAHsSOSIM_FOFqsIlY-xIloXDiSEJ3iA1eQeGuW-Gyv0GuHxCs4tv5WO9Y8TnsJ8qcm2WuvtfvYOV-0N0hwGXNrdYw2iUdpgDY7ih9J1Fm5O__xaGibku8E00b4&cry=1&dbm_d=AKAmf-BRyXQcvbFznyQo67rj7cEqR-80JyKszLtALIneyrmwumQFh0CHmoc3mNlxGnYHoQ845sgK5XQR6aBVd-MetGwngpWoqPRNDzKratcyloXejjT1YQs_cBL56C8UkG3zyd-KMl_vX6dSizdgf3LyZjenp64bqwvze18yeEp8xH_nSx3Ysx7zVWkRarnH2vaZFChj5ae7LQoyZqnW3S1qS6urp6F973wh0FE4yuMLfjnq9Nx7sBf-KDdaqde6Rk8AOKCJT2HJonOAx9uT-VTDlm68Z1Vlc7WWuPIuBI4qhRtEz5y0NOhKsiNs6o7Ao7X8HrnxKRWp2Wr4MFyntBTDUW3Gb2zBxA-1D3zRX1f1QoRY3JAQZ91q892wpa3N0uNtoaGxYe2r1LJixRY_KhwhHKQigqSDS4ILKZBNopg4rydDiHqhLoBoMFJi8VVM6GJd_-Amz3HuCsfu4YauZhYV_FkYofiHdhPCcal549tq2gV5et3PQtKi9rEwd6TdSRUBHTYE4Cw2R0MXLv7kyIXB0cQeWacIs4w5h5e2S4bBh2nRxBYwc4z8TyrncCAqzcFWihbEPeAOBR9V-uF4TiY2ZK9Ms5yHm3sJObgqbqXndbXNNqUV8s2CzJSO7nWCCpZuj72Yvte24MtwZikntjoheB4--wQSB3SN-q7-bBWWkQElj6pGgd48XUb3O-xLeVX7tc-42fzuFMZZXo2DnCs988qJqKf84wur__edE_pe8VMGMembcAuHmABnXUDLyUxsh55kuJX-7FD5jO8ZTal8N_DBDkyG56ap-rIfJ_CBi036k5At7kpG8L21reD8Iz0-CgSIf-IzKVnXQla0XIPFAk6GOXpx0U2LEYcRtyNIgIT-R54q2KDi_WywzozAV3ZYKaHDCsGk1vwkey-D7PkprzkqyUA-p15hSN4A8aax-tXn3-4LY5WlAPNlBF3Ra_qqN_ea6b5EJY0R5qzsAVahcGr1Ax91sCRLngo7u8aGj3pXXYSOhzzbWO4m8eFlKl0sszTEp2vU-lyp5dGy49oqQayNur_MvtFiYwNMjN2l7FD-zipw7CIf6eEOod_7lqHilPv-zGn1GDtbeNqorlujAxQQMgeTEv3hoZZXf7OoNcWICDSfyWdWTzooMeCWkSYy2eRnyEvEyg_THGndr3LqWZhh8NoNOJtVyajhEDLQCV7sagKNTPpNANpInGQoP9UW9VVqhlz2J3K1Yvgxmw00j3zcS0tcdCWpopjFmIoGTutesvRLD_lt796LdLxSU2Zr6xj818prZ9LA00tGNwm5mdtHWks3wX-xUNzmLS-zlRcaX4flmteJXRNrHSfQtG7_oGvItX25HRfHH5txdHm0fTqKlDO7SctBgxY4XtPPqARU5TVshDtuco3H4hueJl20zKjr-4xNJy97wkbZ8S01cS5_e0lslSXehgbN_apMsu1z3JLMbfe5LuwMyFIF6hSb-HioopDUcXknPG8SdC9BJpSTkUehB066c_ceqgicDRYhciVnSqjB7ZvsZYJ-l7Nd66CwhHSYSR6ljjhuV-yUBfzs2cVrlO0jLNRKNN9N_sXvHaNH-AsjhC2RUkkRhgJzthYCvFZO7GwJ5HsiLg1IUYhyttHt8vumOolpUj6NVDcVHZqYO6Hpe1kuvDpZK1ZRsfG1nh1NWYpFJNPYwiw-pmOi5PDoPpIURgUOcrgMmYxVwjWmUyvC3g1i6BC1D6JEAQdpjUvuGcGALS8q3K4lyb7vYNep1_h9uu55-ttqm_Sohn3aAmqpNh2xAF2IN7odJPXb1wHQGUUbxOY-_G2i0dyLahL7Xkl6pS9T4P9TSKrdNlbpENqkUN-PWVK-rGxV8no1cTHdix0Y9ZM0czRBOearxqkbiBtCJeR9F5MsFwJAAopbAeCqpeBh8PkThaGwdI6wjvH-RvEKX6NAdPxYri4HWPC9qP6hGpEDqMcbkqFB_ReqmTJsmPmNvBYyQcWE9GVDthUZc-xpkIVBt9-pr9dLwkn-K-b7hTcVj1sknYZ4aIaWXnqFa7xrMOV5Onyddt4ook9seJk-nZQz4vz7VjG5OuEmewdzZVM_TRfS44W_Gg9VKNlcBYkNASAMzYMsTdEf8a5U-GNF-XPE1rwdIsQNLNg9g74tXiZWv0dbpF3Jiy1_zRaM0lhAJQEiEoxI5L78pySeAkpVLGf8HR92CtAudODFdNnM5UXydHtWDQ_oTM1oJHCzFUVhAofoV2gSwlki9nfwvCDRXQ69QDKflCxC7SnvAKkP8QErokDOsTdv6gEYl-o-gDF1muv6TK-YLclqNcsbI531OlzrjUwz6B26nACywYHIFZdnI-_w8YgYUoAeg9EQH4lx63etrmr9DK3TF0ExrJaqN0HL0Ad7NXUAvqOGZ99OJm-s3dspk8EpYX9AboF11z17Ss0bmujWb8dPQmh1XIBPehKvIo6P_9HCkD23bRrqYLix1E0DfLi2_0RMha0zcw1JiBLSuG-fJfmO-TSqegMkrCVxzmA8NhI-wjRt23NuFFA8vfOPEYPw9ZXVxqwqnPyI2zoDZO5nC4auH-I1YjFJ_soDofj1lsAlsFPt0_Hb2tY9daMBDLi3KZOKTeIWhLWNsiDQ7e3Js3LF0yZ98cN_Gd5mVnvIjakf2U3esxTkvvVOTbe7-M57eZCgRl2IegWMIJDqH7w6H1t5Acho5W0s3p0tdraxij5BoABb1LfrhMjKRBk2vHs9bA_40ElvB5b4OBXOvQ17RuGF3c2bqQetyVDx7DIr1VbsjgNE207Y2-6ixNYdoHHLuD0bXsbzVMGTp0NZS7xvRthEizPpE2meUfZxC7iSfWZ9-u6IMtVan63PdXh3Mvyy4RHC-7Ko_J4l2mxA-PQVwgP4Lj4oIudaXWwdQ0UgGIFQfpHY6ggwjWEeCl-5M_3AcyNM9FnFqpbHMnRxuyaH7JkxHxFQ31QV-NGz9dIINBaeyvMWFuU3_06tOuWqO5miwfGIPfjqMTS2yqNI5d27R74H7rMw20p79NqJ7ECPwbFKu7WVNkUe7lkEdyDkLLb54PMxhzUJUiBykdqUFSYchjBuGvcCOXVOwqw5I9PWPG5Xn_CSIKq7uqp-D3Ui1moggxxL2ioIIPeobeOTQSckRre1Zk_ej_Z7ev7wDYQDPvb9YQdzBzBMbDEcRAEGQ1g7BJW-sn7PalBPKA-8c583Qa0SKxmoDkRRHTOH6B-8TadlTgCVhoDkiHqmBYUS0TZ3uEMqUtJ1tgLRzfkuSBXFaB4uKoas&cid=CAASEuRotTIcHyyEhgh7P8MzF0ukRg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 10:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 10:22:40 GMT
17190344291950496624
s0.2mdn.net/simgad/ Frame 994F 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17190344291950496624
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d5c007ca975b1e1d932bc558293c9e67cd0cb1e60c15109f5a7fa200e758f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 23:06:00 GMT
x-content-type-options
nosniff
age
32785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12284
x-xss-protection
0
last-modified
Mon, 30 May 2022 22:00:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 23:06:00 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7D8F 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:25:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Sep 2022 21:25:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 7D8F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BREuFCUBzXQdoOMNZwjCpYzNbsAaid1DSFib8GizJ_H7WUtCkbHA4w_fDeEHJm4mntFbcZYJqx-V3mZuVYXtbWiKPB_Q&cry=1&dbm_d=AKAmf-AxiCq5r6NyJEyLuM57Xo6x-UzPndkonEkr8emLYCZcHACUGDiJI4kfy4u1vZK-5N791_d-FNW0oANBqMcahOKxCEnSyYQT_XIfWxLPnq9Bqlmtx63SPzlAReS9G-MJT3PxDSbNynXpLgpKoG7dfKciY9ezGbbMLyOb4woeVO9SJnb2zh4fhyFZT1ex7FwVLF_XAZjkct-ZSYJsuunBxsLG7EjEd7KnJlyTwBduGae9EbbjFIdLncYhQdqh5t1adBWhuet7sUwzMIix_gp467XDLxk2EUs-PdLTq9_2399YUlYc4RL6NMnBj4jwxZGoy9df4Sf6W4ERkxHvXjFh_znLnCFxJjYlT7vmKYnK-6IK4csm5AK-PD4fpoxfyIxTK-h-MKI3MAkFo23JUNTCJtKcLDXaoAv4EGey-IX_HKOGnTMoq2_gOwPbJQGJvKw9uaz7_mI2mgAo4GJY6FoUm3cyWUCHiWk_3Ht-VicF01d0D0x0i1tKNBmkwl55pUPLKyA28IXfAob1Xz3wXOYihwq2LqpJXoqdPXpARvUx-aKzd50SODNngOY9WivMtjDowmZ7pjJW_fgCy6s9CN8wE0DnkHeQDii8KEcP8td6kIvgH7EaefBn23A8NRPHmrdbAYp87Cme4iGooS1EjNMs0HLtVT5RSf0X35_dPBUAYbDVeDOJHeXXZevDu1DxPYj0g4PgzyWJyWqJ3IRb7YLXva2rVAT8tI2ZruFApjb7HnpCo95FGsZ0S-lPJDTCef2aN9-TMyZCqw1f0Dy9PNnljYPn898JvvzoSy3s1DHenkk6ckd6031pc4izlM9xczauu1HjhL4oQlaytNkiZ4_svwOOjOHzkDzwVDT9PeUx9A_WdfHqfPd_gV_RPN1dV0hhcc5_mLXjCa158OUFNww0Z-_oZF3MgSkd6PI3oPZJkj0-mvCE_3GuivqgpWKkW1XNS8f-IMiGM-5eOZPfqKezkhD6gdYuesKdLuxH1O5HhApVCK72QOHoqXQHl__5wvXSgcXvkV2Hv1-BMx26zB2w5s9we-i_iB5bZyElRVa17Ke8A4SlvNUz7WdK3JH4olqbtKzaskXH-6hnAILX5OXX2dVLbCls5DH05H9f6_n3-ac_CBj9SGRYpQ5991mU9m4VF-s1SvKASq8hBRClIqjgTI8EKukx1z7KbEDFzwfpt9M8Lzk4iVcM5jz44ISv_0pHXVNElmqen5CU5iFrR5kWKdaf5L_WZVqCjD2FVQF59BHRTc20VgJgJXEaMcIUfP-tIJy-oM0x8-r2p55932HyfRa1bDrmX7hB-CEJsD5DOx6S79kMqzEwi4cA8YthNrwTk4XuQaCZ1ijoEMs35SzCyRhTK7V5nn_1IVFEp8xyiJMa2Qwkn0DL5ZGWoHRFjt5Wg-JMZ4QSWmHCXi_ZJuTa1oYIF-8THpRfrBO1AUEtzDJ9nyl5c1sbeobneeKRGpT0roHTqO9OAP3RYj0xVFFwUTeIgmaHWm4R3YEHvHAnyvgRl_LDKfYn2ROBGU5saL2GC6QlXUkMN3U0mY0HE1cj4xlCdI6Wp-b3HbwVHUC1mNkFfjRjrKhIXK828TaEL8wQHbtlUezxigKXQBpNi_xSUIPR-DqoomHdUFuLufGdhAp2YrFiFC7EKtkDVeKkQMueKfmnNrf0MyAom6hAYwKAnQtrKrXgpxw4YoTriq4UWtUfRCpDO6C_FsBy_vfLj3cmJmSDj1f6yu9In8pBype4QJgHhF06lR8a4xs8LtBl0GRQfFBMT_JBVIFEMgqJpGZ_sX6v8WT6mXdFFnwARyLS9nO6GM4FLue0SNYeLYoY4OwTgfIuSq74e6EtOTifLj-0JQg0W4bw_yRMc9jf_qfiZsrDidMxbdhhbtAo8J0Y9_TpBvyCgwcwpnOljHwqWsdQRAHr4RX6LgBRmUzedLGOf9KOj4QVhyAOkO_L4cyAFKSzBt3o_z_0vV1rYcI8f46mXSvRzutjEsmoBved7gIL3y50uJQ1_P51FLNIN_uK8jQWcGYFBe1kdJWmOR1rncWlqnZRe3VIrBsVXklgAXiL0ilqmgzNOHQHydGq1-Q_9OfqbMeN8YwV0qaNAvZife6Vk9edr4qn_kP6PLWjqB_5XczDnhWgVt8G0287xoSZ17gGooc_DaWkwBFPogYV1DF4WV67wy0mosd7nuFFnrNFdRksga4gNVk62sOkntze4y_9tLnf_4gSKvtIb13QE2iInyHvFSPriXRKfT60EH0ZiZYZ_pFIOEZEAT662tdONuNuTLPE8mIhnb1NsmGA-0dEz7n26HckxlL5xi3L6yP2JpajLiH2ynj0xEWinBEY9dyeCy4AEuLK6mezZoPZ5PJLGaUBOF9FvFCVLsEnikW3Ug7jMMRSjQFzlU_tw9IC0Fb1HMmfSmQsldXajD7orPSFqsDtcLsx1vw7HEYsR6MffwODgi5jiSA0ox98Joj_P04V9MZWJpme-apJivNjJ_kz7sWtAqTIiy1reIM5nvw3oxFyvJR1mfMzx5ISAnG5F7VYSS97-BR1wquK8VGBIvWpgCb2N-oi8YUw3PljB1Kc1VzWE1obdf8YaZrjPuwuh7YztDVm8QmJBc8JzTMhHXGrYyVm0ziaOi_CoiqJ9iGpIL3oyWl6YH4NtjqVe-VfAK-NotqRCTvKsWRCu_Wl34yhiu2Up5hQTzMetcUizxSqokka06G7G4uBuqmBYmx5qkgoOq6_0kM4hkvy7VKd3EhXMBYCJPL9NhD5SGnRjnlWq7NSlX9oAOZbIO1LDqU0DFnoTfazprzOImQyJEo7HezCIKbPscJFWYPtTitBXBSBN3hHWl8oi63qtsqRsswn5TGuNA-5SbY0Y-uCOLLmP_R6Op_qZm6S3INNFZzK9xxJnlNvzeIe1ckzpEphQwt2dNEQvZmWuM0YzNnFxA0zQfXuz9RQ_VuabyGbcMoJJa79nBMWmcmOPYo6HLTZHxfYijNNjltE_JCywekLk_KT93SF_guOFYZAgO_7IS3F1g4IrOfOynBd82kbzdpZToycS1-LYSlbk4g7L05A1V3BRBTx4r0fYIIIZ6cTUqjGSuUbGLtHFiZWzPsAgwIYI0ISQvQ93EwMSIQSO6u8V69HfkrTkxEBzfSTSgkjppD_8LwGMRxX-nJu1qTiOssnq6FHbkDFeGpe6hKxWvQpRt4EB-TWWpH8pSwgNTROhSBrHswAbqWejhfkUpZn6x24Jt_AN-Vv4NFefi6WV0Og6_QOaqIVfQg5sQUwjNgt6MLrCan5fICyMsV70yS5wfAml7tUgoE6PstsQZqo1atWxjVbVjDtwpDLT0Q4&cid=CAASEuRoAX4XiIwk3y65pDumITzdTg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 07:58:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 7D8F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BREuFCUBzXQdoOMNZwjCpYzNbsAaid1DSFib8GizJ_H7WUtCkbHA4w_fDeEHJm4mntFbcZYJqx-V3mZuVYXtbWiKPB_Q&cry=1&dbm_d=AKAmf-AxiCq5r6NyJEyLuM57Xo6x-UzPndkonEkr8emLYCZcHACUGDiJI4kfy4u1vZK-5N791_d-FNW0oANBqMcahOKxCEnSyYQT_XIfWxLPnq9Bqlmtx63SPzlAReS9G-MJT3PxDSbNynXpLgpKoG7dfKciY9ezGbbMLyOb4woeVO9SJnb2zh4fhyFZT1ex7FwVLF_XAZjkct-ZSYJsuunBxsLG7EjEd7KnJlyTwBduGae9EbbjFIdLncYhQdqh5t1adBWhuet7sUwzMIix_gp467XDLxk2EUs-PdLTq9_2399YUlYc4RL6NMnBj4jwxZGoy9df4Sf6W4ERkxHvXjFh_znLnCFxJjYlT7vmKYnK-6IK4csm5AK-PD4fpoxfyIxTK-h-MKI3MAkFo23JUNTCJtKcLDXaoAv4EGey-IX_HKOGnTMoq2_gOwPbJQGJvKw9uaz7_mI2mgAo4GJY6FoUm3cyWUCHiWk_3Ht-VicF01d0D0x0i1tKNBmkwl55pUPLKyA28IXfAob1Xz3wXOYihwq2LqpJXoqdPXpARvUx-aKzd50SODNngOY9WivMtjDowmZ7pjJW_fgCy6s9CN8wE0DnkHeQDii8KEcP8td6kIvgH7EaefBn23A8NRPHmrdbAYp87Cme4iGooS1EjNMs0HLtVT5RSf0X35_dPBUAYbDVeDOJHeXXZevDu1DxPYj0g4PgzyWJyWqJ3IRb7YLXva2rVAT8tI2ZruFApjb7HnpCo95FGsZ0S-lPJDTCef2aN9-TMyZCqw1f0Dy9PNnljYPn898JvvzoSy3s1DHenkk6ckd6031pc4izlM9xczauu1HjhL4oQlaytNkiZ4_svwOOjOHzkDzwVDT9PeUx9A_WdfHqfPd_gV_RPN1dV0hhcc5_mLXjCa158OUFNww0Z-_oZF3MgSkd6PI3oPZJkj0-mvCE_3GuivqgpWKkW1XNS8f-IMiGM-5eOZPfqKezkhD6gdYuesKdLuxH1O5HhApVCK72QOHoqXQHl__5wvXSgcXvkV2Hv1-BMx26zB2w5s9we-i_iB5bZyElRVa17Ke8A4SlvNUz7WdK3JH4olqbtKzaskXH-6hnAILX5OXX2dVLbCls5DH05H9f6_n3-ac_CBj9SGRYpQ5991mU9m4VF-s1SvKASq8hBRClIqjgTI8EKukx1z7KbEDFzwfpt9M8Lzk4iVcM5jz44ISv_0pHXVNElmqen5CU5iFrR5kWKdaf5L_WZVqCjD2FVQF59BHRTc20VgJgJXEaMcIUfP-tIJy-oM0x8-r2p55932HyfRa1bDrmX7hB-CEJsD5DOx6S79kMqzEwi4cA8YthNrwTk4XuQaCZ1ijoEMs35SzCyRhTK7V5nn_1IVFEp8xyiJMa2Qwkn0DL5ZGWoHRFjt5Wg-JMZ4QSWmHCXi_ZJuTa1oYIF-8THpRfrBO1AUEtzDJ9nyl5c1sbeobneeKRGpT0roHTqO9OAP3RYj0xVFFwUTeIgmaHWm4R3YEHvHAnyvgRl_LDKfYn2ROBGU5saL2GC6QlXUkMN3U0mY0HE1cj4xlCdI6Wp-b3HbwVHUC1mNkFfjRjrKhIXK828TaEL8wQHbtlUezxigKXQBpNi_xSUIPR-DqoomHdUFuLufGdhAp2YrFiFC7EKtkDVeKkQMueKfmnNrf0MyAom6hAYwKAnQtrKrXgpxw4YoTriq4UWtUfRCpDO6C_FsBy_vfLj3cmJmSDj1f6yu9In8pBype4QJgHhF06lR8a4xs8LtBl0GRQfFBMT_JBVIFEMgqJpGZ_sX6v8WT6mXdFFnwARyLS9nO6GM4FLue0SNYeLYoY4OwTgfIuSq74e6EtOTifLj-0JQg0W4bw_yRMc9jf_qfiZsrDidMxbdhhbtAo8J0Y9_TpBvyCgwcwpnOljHwqWsdQRAHr4RX6LgBRmUzedLGOf9KOj4QVhyAOkO_L4cyAFKSzBt3o_z_0vV1rYcI8f46mXSvRzutjEsmoBved7gIL3y50uJQ1_P51FLNIN_uK8jQWcGYFBe1kdJWmOR1rncWlqnZRe3VIrBsVXklgAXiL0ilqmgzNOHQHydGq1-Q_9OfqbMeN8YwV0qaNAvZife6Vk9edr4qn_kP6PLWjqB_5XczDnhWgVt8G0287xoSZ17gGooc_DaWkwBFPogYV1DF4WV67wy0mosd7nuFFnrNFdRksga4gNVk62sOkntze4y_9tLnf_4gSKvtIb13QE2iInyHvFSPriXRKfT60EH0ZiZYZ_pFIOEZEAT662tdONuNuTLPE8mIhnb1NsmGA-0dEz7n26HckxlL5xi3L6yP2JpajLiH2ynj0xEWinBEY9dyeCy4AEuLK6mezZoPZ5PJLGaUBOF9FvFCVLsEnikW3Ug7jMMRSjQFzlU_tw9IC0Fb1HMmfSmQsldXajD7orPSFqsDtcLsx1vw7HEYsR6MffwODgi5jiSA0ox98Joj_P04V9MZWJpme-apJivNjJ_kz7sWtAqTIiy1reIM5nvw3oxFyvJR1mfMzx5ISAnG5F7VYSS97-BR1wquK8VGBIvWpgCb2N-oi8YUw3PljB1Kc1VzWE1obdf8YaZrjPuwuh7YztDVm8QmJBc8JzTMhHXGrYyVm0ziaOi_CoiqJ9iGpIL3oyWl6YH4NtjqVe-VfAK-NotqRCTvKsWRCu_Wl34yhiu2Up5hQTzMetcUizxSqokka06G7G4uBuqmBYmx5qkgoOq6_0kM4hkvy7VKd3EhXMBYCJPL9NhD5SGnRjnlWq7NSlX9oAOZbIO1LDqU0DFnoTfazprzOImQyJEo7HezCIKbPscJFWYPtTitBXBSBN3hHWl8oi63qtsqRsswn5TGuNA-5SbY0Y-uCOLLmP_R6Op_qZm6S3INNFZzK9xxJnlNvzeIe1ckzpEphQwt2dNEQvZmWuM0YzNnFxA0zQfXuz9RQ_VuabyGbcMoJJa79nBMWmcmOPYo6HLTZHxfYijNNjltE_JCywekLk_KT93SF_guOFYZAgO_7IS3F1g4IrOfOynBd82kbzdpZToycS1-LYSlbk4g7L05A1V3BRBTx4r0fYIIIZ6cTUqjGSuUbGLtHFiZWzPsAgwIYI0ISQvQ93EwMSIQSO6u8V69HfkrTkxEBzfSTSgkjppD_8LwGMRxX-nJu1qTiOssnq6FHbkDFeGpe6hKxWvQpRt4EB-TWWpH8pSwgNTROhSBrHswAbqWejhfkUpZn6x24Jt_AN-Vv4NFefi6WV0Og6_QOaqIVfQg5sQUwjNgt6MLrCan5fICyMsV70yS5wfAml7tUgoE6PstsQZqo1atWxjVbVjDtwpDLT0Q4&cid=CAASEuRoAX4XiIwk3y65pDumITzdTg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11727
x-xss-protection
0
server
cafe
etag
4188671789125589074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 08:01:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 61B0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 11:21:15 GMT
etag
48472445140208031
expires
Fri, 30 Sep 2022 11:21:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 994F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1e6e7524d6b0ff92213bd9173940a37aa2a54685e70532da2be2cad218dffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D249 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
78584
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 10:22:41 GMT
expires
Fri, 29 Sep 2023 10:22:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7D8F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 10:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 10:22:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B50A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 11:21:15 GMT
etag
48472445140208031
expires
Fri, 30 Sep 2022 11:21:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7D8F 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb24d23c813cc94bb450bd68e06680af143157c407d61e4e9adb534e87a188cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 61B0 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHelCjencvz1mg6PYFogVx0&google_cver=1&google_push=AZmPxg8TapeTiJk7RQ5ME_1sE2sb43ZIgQ3Qk2iQtDgvVJXr_NEQm1WEdpOrQ5FxnB5DS0p1nLwXkcUbeGGZEd4IQfkDG4syZEcx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 61B0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENvYlBv-xcUjMbMLVF6lcDY&google_cver=1&google_push=AZmPxg-b4vLlu0SqI505jlQZaSM7j556-WzlbDTiSb9XmxbaraBurnIYsF6lXroW8tlMVSHDyNVTHaMdQN5w5J4v...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-b4vLlu0SqI505jlQZaSM7j556-WzlbDTiSb9XmxbaraBurnIYsF6lXroW8tlMVSHDyNVTHaMdQN5w5J4vVMjtNSoJw-M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-b4vLlu0SqI505jlQZaSM7j556-WzlbDTiSb9XmxbaraBurnIYsF6lXroW8tlMVSHDyNVTHaMdQN5w5J4vVMjtNSoJw-M
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Sep 2022 08:12:25 GMT
Server
MT3 4525 e1952b7 master nrt-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-b4vLlu0SqI505jlQZaSM7j556-WzlbDTiSb9XmxbaraBurnIYsF6lXroW8tlMVSHDyNVTHaMdQN5w5J4vVMjtNSoJw-M
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Sep 2022 08:12:24 GMT
google
match.adsrvr.org/track/cmf/ Frame 61B0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAtDPXDyLuc2gpKDZZfUsPs&google_cver=1&google_push=AZmPxg-6TIX1lGQEmEulB2fdHZ9VyWuSJrQMvbKx9s7BJ4JEIdvr8YyxPFYMop-pDrCTNDQzflaqq1qETt-65Fo1abnXP9wUqiVC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 61B0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEK2SvgWGTKiv4YJ5TxczFAM&google_cver=1&google_push=AZmPxg-Wjo0z-bHcyI2XCdq_iXTD5aK1L7JQwfV-NxOip9TC2E4h8tu8HQKt9R82ztZ2KoLDblIXq8t...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEK2SvgWGTKiv4YJ5TxczFAM&google_cver=1&google_push=AZmPxg-Wjo0z-bHcyI2XCdq_iXTD5aK1L7JQwfV-NxOip9TC2E4h8tu8HQKt9R82ztZ2K...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=8Fpg2SriQPymIiuLPoOEhmM2pOk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=8Fpg2SriQPymIiuLPoOEhmM2pOk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=8Fpg2SriQPymIiuLPoOEhmM2pOk
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dds
rtb.openx.net/sync/ Frame 61B0 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHpq1EjUdnAOvgF4WQ8AMPc&google_cver=1&google_push=AZmPxg9gGyy_sTgATGJNsmNzJmtV8y0vfB5YQrFgvxSqMIS4nJz-q_maPoOQ67s0SivS-LH_pOQvv5g0NNksgt2s2pq1Q_Yc2NKJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0q1k5gu3jdqi35kecmgph1q58o1p8ap1
pixel
cm.g.doubleclick.net/ Frame 61B0
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHVPaIcPXnBRGi1F0yfKFck&google_cver=1&google_push=AZmPxg8sVRiRa3PtNGdxl5T_OKxll-_ZofequiZFxUyCunKvfZ4Ga9K80s1NhN5-4gs7u33_0zqxiLmVgHLzbGt0bj5lZd...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHVPaIcPXnBRGi1F0yfKFck&google_cver=1&google_push=AZmPxg8sVRiRa3PtNGdxl5T_OKxll-_ZofequiZFxUyCunKvfZ4Ga9K80s1NhN5-4gs7u33_0zqxiLmVgHLzbGt0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NcGQ0NFSTEizGNSfg-8Vmg&google_push=AZmPxg8sVRiRa3PtNGdxl5T_OKxll-_ZofequiZFxUyCunKvfZ4Ga9K80s1NhN5-4gs7u33_0zqxiLmVgHLzbGt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NcGQ0NFSTEizGNSfg-8Vmg&google_push=AZmPxg8sVRiRa3PtNGdxl5T_OKxll-_ZofequiZFxUyCunKvfZ4Ga9K80s1NhN5-4gs7u33_0zqxiLmVgHLzbGt0bj5lZdqiyrO6
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NcGQ0NFSTEizGNSfg-8Vmg&google_push=AZmPxg8sVRiRa3PtNGdxl5T_OKxll-_ZofequiZFxUyCunKvfZ4Ga9K80s1NhN5-4gs7u33_0zqxiLmVgHLzbGt0bj5lZdqiyrO6
access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:12:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 61B0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg9GDttM2Zxv0_nJsRPeAF0IIajIEs1TvPtgpnFKcEJUOxqIFrI4zI45slgjmakQSaf3cZSuFC0MKw_0FP-J0j5Kc3qGZew&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-5eb3f4d8-4565-4507-937c-479325d5a50c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg9GDttM2Zxv0_nJsRPeA...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9GDttM2Zxv0_nJsRPeAF0IIajIEs1TvPtgpnFKcEJUOxqIFrI4zI45slgjmakQSaf3cZSuFC0MKw_0FP-J0j5Kc3qGZew&google_hm=A16z9NhFZUUHk3xHkyXVpQw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9GDttM2Zxv0_nJsRPeAF0IIajIEs1TvPtgpnFKcEJUOxqIFrI4zI45slgjmakQSaf3cZSuFC0MKw_0FP-J0j5Kc3qGZew&google_hm=A16z9NhFZUUHk3xHkyXVpQw
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9GDttM2Zxv0_nJsRPeAF0IIajIEs1TvPtgpnFKcEJUOxqIFrI4zI45slgjmakQSaf3cZSuFC0MKw_0FP-J0j5Kc3qGZew&google_hm=A16z9NhFZUUHk3xHkyXVpQw
date
Fri, 30 Sep 2022 08:12:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5eb3f4d845654507937c479325d5a50c003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 61B0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LCqSBwXFBvn9fvXwJVVcdcGIB-N_n_xvzaXyfVYfrU8KkGKR8XNEjt46823qq2KUak0Vc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544380&bpp=15&bdt=490&idt=131&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=1&ga_vid=697224600.1664525541&ga_sid=1664525545&ga_hid=1898908164&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=4137765006&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C31067826&oid=2&pvsid=3002605275570105&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6whtjf7nbbic&fsb=1&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Sep 2022 08:12:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
274032
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 15C7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=5vrpbXx5SzZvTkt1b0ZwNTlkelRlZVdsOUlPQTRFOUJUU3ZHUUdXSmdaTDRkTHBLMitrczFhR3JRWlJuOE5VZXQ2Z2dMS2EzVE5KVGo1TU5wMWhtN3VBa1UyV0Ywd1JHUnVUbnYrWFZkWmFTbE1uYjZNSHFaWGw4WHFKUj...
424 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5vrpbXx5SzZvTkt1b0ZwNTlkelRlZVdsOUlPQTRFOUJUU3ZHUUdXSmdaTDRkTHBLMitrczFhR3JRWlJuOE5VZXQ2Z2dMS2EzVE5KVGo1TU5wMWhtN3VBa1UyV0Ywd1JHUnVUbnYrWFZkWmFTbE1uYjZNSHFaWGw4WHFKUjRkZDZ5OEgyUlFkMlNFVk9NNDJJeXNsTXJhN3JQcTdRZG5KTTd1Y3p2Q2ZRdUlCNzVQRlFqOC9JQ1d1WmgxZVBVSVc4K1NRWmZ0dGlEQ044VVFJMUFSWkRHckN5aTB5ZCs3UU5yQm9zVFBaZ3NVWTdUSnpnSWVGemZqc0gxR3J6QzQ0clI3d29RbTdLbGRWbVhuNk4wZ2tMb2NkVVlocUQzVkxreXZkSENhb2RCZzhRRFNmaz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
828b7125cb6de19959974d7b57f742ca8198afe9ebd72514f0a093a9f07d074a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
929968
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=5vrpbXx5SzZvTkt1b0ZwNTlkelRlZVdsOUlPQTRFOUJUU3ZHUUdXSmdaTDRkTHBLMitrczFhR3JRWlJuOE5VZXQ2Z2dMS2EzVE5KVGo1TU5wMWhtN3VBa1UyV0Ywd1JHUnVUbnYrWFZkWmFTbE1uYjZNSHFaWGw4WHFKUjRkZDZ5OEgyUlFkMlNFVk9NNDJJeXNsTXJhN3JQcTdRZG5KTTd1Y3p2Q2ZRdUlCNzVQRlFqOC9JQ1d1WmgxZVBVSVc4K1NRWmZ0dGlEQ044VVFJMUFSWkRHckN5aTB5ZCs3UU5yQm9zVFBaZ3NVWTdUSnpnSWVGemZqc0gxR3J6QzQ0clI3d29RbTdLbGRWbVhuNk4wZ2tMb2NkVVlocUQzVkxreXZkSENhb2RCZzhRRFNmaz18&cppv=2
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
697824
content-length
0
expires
0
cm
c.holmesmind.com/ Frame 15C7 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame 15C7 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
connection
close
content-length
35
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 994F 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLxO4_K7PKMGWdYmXMGGOrGGFSLrFx3lHYTEaRp7eapCFs4ZQsGVdUHI9taPJ4EUmr-tlwennjGyh3D5iTibGzXnhElD9yW1jC-Tibh1yKbciXkj_C9l0I6aULvx-4w3qZxhdt-aaLSOnYPbOKWfZsrDAR2-PU7AUGEYPc_nOaPX2F3ppYGhWd7nWAd-DgZG8a3TGpsE6s6fgLQpYc9FF6Z61eVSPqaPENRN7wzgO8yJUtR_P9A_7ZYA7BVm88TASjKmUhBldi4LZiVKGB5pHjtzNz1XwIeHZVUgSNjaEXxe4W8pIuGzT8JIPDgeTj7DPAqNqjZYrGQPqnDGG52FWeKoVz7vwx8qmw0Oegn3yn2oRfuuwj5Rj94zkZWe-I1CtBSMzNVkF_EZeKNHtZu_jYEvb6wiwtSswrmFK-BNz4NAI_QGaapxZmzm4idCiKSnvayNM5r8j6zoLrVY1ju26dL-RV4PJHj2NzoeT9VqWN8GNv9_V9mbFqAmmNy-slHrrvk8JwVT15a89wifXBcKzm6HwCygErFigwCn88y_8p7xLTXjBMpe98WEAzsFgJNlblmxtxsFKgfJMm0YnSnI1QurL1i1B7tZb6J4AGO1lVFrrsM4_w-t4mPsTOpL8uQGzXmStwwDUh375nULxPTcU7Bg3iDBw4X4nToF_9omCwkxg4mZM4ljPO6_XeFIu2AfHQlIJq50yVhLO4c_YZl5Zz8R1VMCqfTUiJlvGq1LYJ8RePb-qZc0p68R6y3CV8POSJNgGzMnUU9UqQKF1_yUramCYcUgXvHXOGtHaqJ56Nko111Oq8gQ4jJ2U8C2GgdxSfHWJKeE40DBJA6aULFzBu7fTiKuedvChrph4zeytkiSVTrGPVSpe10R3F58CfJI1z0Kgm8mICYSWFmC7XMp-WMhLxsSymVxmhXV3fdmo4H1PWvk18wLi_KpIsheayWmydynDnpMaJcVYtBBsAMNZtpaa6Cit5icCahvWiT2tlc-1kggKrzqBC7uBKNUJR95N7nX2Iqs2ocfQCIXSlicfzrYJc27-41gt-vnodyG7Hh5bZSviixilbpujzTRszBim2YftzT_uZ584_L2sRcilIZf3znCTflnPrDZzRtKD46DQCyHh3PV0nGtAnAk3WIPrTft_XePOE4traoFE_Oqky-cJxephfAcLBrSY3GKnH_lYBi_0-5eV4RtVokMz2CKXY&sai=AMfl-YT1H1nRfrQNC_GCArmb3EQULH17iT6nAEGKgt0eJW9aZSGfiF3Adyq-EGRmlIlnuCRnNEURrP3IdkfqUkjaJLLLkQEV0WrImeK9GU_wOcc_HyVsooKsfeMGrUTcto7lksfMm-JndmpfrzAhmevVc6-4CwlDuYieZcLc61ulm_0YERHRjkmy0sIk&sig=Cg0ArKJSzAaZZBRbcraLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=172&vt=11&dtpt=170&dett=2&cstd=0&cisv=r20220928.60747&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEdXd67ubtICRjSyEd5yNA477mkAEm1I1AfgVbDY0jxmTdtIARPgGmEAHsSOSIM_FOFqsIlY-xIloXDiSEJ3iA1eQeGuW-Gyv0GuHxCs4tv5WO9Y8TnsJ8qcm2WuvtfvYOV-0N0hwGXNrdYw2iUdpgDY7ih9J1Fm5O__xaGibku8E00b4&cry=1&dbm_d=AKAmf-BRyXQcvbFznyQo67rj7cEqR-80JyKszLtALIneyrmwumQFh0CHmoc3mNlxGnYHoQ845sgK5XQR6aBVd-MetGwngpWoqPRNDzKratcyloXejjT1YQs_cBL56C8UkG3zyd-KMl_vX6dSizdgf3LyZjenp64bqwvze18yeEp8xH_nSx3Ysx7zVWkRarnH2vaZFChj5ae7LQoyZqnW3S1qS6urp6F973wh0FE4yuMLfjnq9Nx7sBf-KDdaqde6Rk8AOKCJT2HJonOAx9uT-VTDlm68Z1Vlc7WWuPIuBI4qhRtEz5y0NOhKsiNs6o7Ao7X8HrnxKRWp2Wr4MFyntBTDUW3Gb2zBxA-1D3zRX1f1QoRY3JAQZ91q892wpa3N0uNtoaGxYe2r1LJixRY_KhwhHKQigqSDS4ILKZBNopg4rydDiHqhLoBoMFJi8VVM6GJd_-Amz3HuCsfu4YauZhYV_FkYofiHdhPCcal549tq2gV5et3PQtKi9rEwd6TdSRUBHTYE4Cw2R0MXLv7kyIXB0cQeWacIs4w5h5e2S4bBh2nRxBYwc4z8TyrncCAqzcFWihbEPeAOBR9V-uF4TiY2ZK9Ms5yHm3sJObgqbqXndbXNNqUV8s2CzJSO7nWCCpZuj72Yvte24MtwZikntjoheB4--wQSB3SN-q7-bBWWkQElj6pGgd48XUb3O-xLeVX7tc-42fzuFMZZXo2DnCs988qJqKf84wur__edE_pe8VMGMembcAuHmABnXUDLyUxsh55kuJX-7FD5jO8ZTal8N_DBDkyG56ap-rIfJ_CBi036k5At7kpG8L21reD8Iz0-CgSIf-IzKVnXQla0XIPFAk6GOXpx0U2LEYcRtyNIgIT-R54q2KDi_WywzozAV3ZYKaHDCsGk1vwkey-D7PkprzkqyUA-p15hSN4A8aax-tXn3-4LY5WlAPNlBF3Ra_qqN_ea6b5EJY0R5qzsAVahcGr1Ax91sCRLngo7u8aGj3pXXYSOhzzbWO4m8eFlKl0sszTEp2vU-lyp5dGy49oqQayNur_MvtFiYwNMjN2l7FD-zipw7CIf6eEOod_7lqHilPv-zGn1GDtbeNqorlujAxQQMgeTEv3hoZZXf7OoNcWICDSfyWdWTzooMeCWkSYy2eRnyEvEyg_THGndr3LqWZhh8NoNOJtVyajhEDLQCV7sagKNTPpNANpInGQoP9UW9VVqhlz2J3K1Yvgxmw00j3zcS0tcdCWpopjFmIoGTutesvRLD_lt796LdLxSU2Zr6xj818prZ9LA00tGNwm5mdtHWks3wX-xUNzmLS-zlRcaX4flmteJXRNrHSfQtG7_oGvItX25HRfHH5txdHm0fTqKlDO7SctBgxY4XtPPqARU5TVshDtuco3H4hueJl20zKjr-4xNJy97wkbZ8S01cS5_e0lslSXehgbN_apMsu1z3JLMbfe5LuwMyFIF6hSb-HioopDUcXknPG8SdC9BJpSTkUehB066c_ceqgicDRYhciVnSqjB7ZvsZYJ-l7Nd66CwhHSYSR6ljjhuV-yUBfzs2cVrlO0jLNRKNN9N_sXvHaNH-AsjhC2RUkkRhgJzthYCvFZO7GwJ5HsiLg1IUYhyttHt8vumOolpUj6NVDcVHZqYO6Hpe1kuvDpZK1ZRsfG1nh1NWYpFJNPYwiw-pmOi5PDoPpIURgUOcrgMmYxVwjWmUyvC3g1i6BC1D6JEAQdpjUvuGcGALS8q3K4lyb7vYNep1_h9uu55-ttqm_Sohn3aAmqpNh2xAF2IN7odJPXb1wHQGUUbxOY-_G2i0dyLahL7Xkl6pS9T4P9TSKrdNlbpENqkUN-PWVK-rGxV8no1cTHdix0Y9ZM0czRBOearxqkbiBtCJeR9F5MsFwJAAopbAeCqpeBh8PkThaGwdI6wjvH-RvEKX6NAdPxYri4HWPC9qP6hGpEDqMcbkqFB_ReqmTJsmPmNvBYyQcWE9GVDthUZc-xpkIVBt9-pr9dLwkn-K-b7hTcVj1sknYZ4aIaWXnqFa7xrMOV5Onyddt4ook9seJk-nZQz4vz7VjG5OuEmewdzZVM_TRfS44W_Gg9VKNlcBYkNASAMzYMsTdEf8a5U-GNF-XPE1rwdIsQNLNg9g74tXiZWv0dbpF3Jiy1_zRaM0lhAJQEiEoxI5L78pySeAkpVLGf8HR92CtAudODFdNnM5UXydHtWDQ_oTM1oJHCzFUVhAofoV2gSwlki9nfwvCDRXQ69QDKflCxC7SnvAKkP8QErokDOsTdv6gEYl-o-gDF1muv6TK-YLclqNcsbI531OlzrjUwz6B26nACywYHIFZdnI-_w8YgYUoAeg9EQH4lx63etrmr9DK3TF0ExrJaqN0HL0Ad7NXUAvqOGZ99OJm-s3dspk8EpYX9AboF11z17Ss0bmujWb8dPQmh1XIBPehKvIo6P_9HCkD23bRrqYLix1E0DfLi2_0RMha0zcw1JiBLSuG-fJfmO-TSqegMkrCVxzmA8NhI-wjRt23NuFFA8vfOPEYPw9ZXVxqwqnPyI2zoDZO5nC4auH-I1YjFJ_soDofj1lsAlsFPt0_Hb2tY9daMBDLi3KZOKTeIWhLWNsiDQ7e3Js3LF0yZ98cN_Gd5mVnvIjakf2U3esxTkvvVOTbe7-M57eZCgRl2IegWMIJDqH7w6H1t5Acho5W0s3p0tdraxij5BoABb1LfrhMjKRBk2vHs9bA_40ElvB5b4OBXOvQ17RuGF3c2bqQetyVDx7DIr1VbsjgNE207Y2-6ixNYdoHHLuD0bXsbzVMGTp0NZS7xvRthEizPpE2meUfZxC7iSfWZ9-u6IMtVan63PdXh3Mvyy4RHC-7Ko_J4l2mxA-PQVwgP4Lj4oIudaXWwdQ0UgGIFQfpHY6ggwjWEeCl-5M_3AcyNM9FnFqpbHMnRxuyaH7JkxHxFQ31QV-NGz9dIINBaeyvMWFuU3_06tOuWqO5miwfGIPfjqMTS2yqNI5d27R74H7rMw20p79NqJ7ECPwbFKu7WVNkUe7lkEdyDkLLb54PMxhzUJUiBykdqUFSYchjBuGvcCOXVOwqw5I9PWPG5Xn_CSIKq7uqp-D3Ui1moggxxL2ioIIPeobeOTQSckRre1Zk_ej_Z7ev7wDYQDPvb9YQdzBzBMbDEcRAEGQ1g7BJW-sn7PalBPKA-8c583Qa0SKxmoDkRRHTOH6B-8TadlTgCVhoDkiHqmBYUS0TZ3uEMqUtJ1tgLRzfkuSBXFaB4uKoas&cid=CAASEuRotTIcHyyEhgh7P8MzF0ukRg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F4C9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
78584
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 10:22:41 GMT
expires
Fri, 29 Sep 2023 10:22:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame B50A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIPAPu9S5L9GWq-vZRbL7ho&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIPAPu9S5L9GWq-vZRbL7ho&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjA0elUyeXIxT0ViOGQ1&google_gid=CAESEIPAPu9S5L9GWq-vZRbL7ho&google_cver=1&google_push=AZmPxg_DV_ROEKi3tUuZqunzOV7T6M6jl1djaplLPTsjF8S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjA0elUyeXIxT0ViOGQ1&google_gid=CAESEIPAPu9S5L9GWq-vZRbL7ho&google_cver=1&google_push=AZmPxg_DV_ROEKi3tUuZqunzOV7T6M6jl1djaplLPTsjF8S84bHbbJ-47mAHCvPkzW319UWJx8TpYyIicPx2v_ikDzKs10ETr3Gi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Sep 2022 08:12:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjA0elUyeXIxT0ViOGQ1&google_gid=CAESEIPAPu9S5L9GWq-vZRbL7ho&google_cver=1&google_push=AZmPxg_DV_ROEKi3tUuZqunzOV7T6M6jl1djaplLPTsjF8S84bHbbJ-47mAHCvPkzW319UWJx8TpYyIicPx2v_ikDzKs10ETr3Gi
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B50A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDr5x2OyDLUDPl53rA0zNDo&google_cver=1&google_push=AZmPxg_yVesaM1GTbFHfnLfaVDuTzXgWnreX4IAeEHUWVu5PRRRBpR2eGwEyWQogxDRkGOprBkRXAOmXux6n99ynQUhxnvGB2zdx
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CD3AE38F7C144C2A581515C44B950B5&google_push=AZmPxg_yVesaM1GTbFHfnLfaVDuTzXgWnreX4IAeEHUWVu5PRRRBpR2eGwEyWQogxDRkGOprBkRXAOmXux6n99y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CD3AE38F7C144C2A581515C44B950B5&google_push=AZmPxg_yVesaM1GTbFHfnLfaVDuTzXgWnreX4IAeEHUWVu5PRRRBpR2eGwEyWQogxDRkGOprBkRXAOmXux6n99ynQUhxnvGB2zdx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 30 Sep 2022 08:12:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CD3AE38F7C144C2A581515C44B950B5&google_push=AZmPxg_yVesaM1GTbFHfnLfaVDuTzXgWnreX4IAeEHUWVu5PRRRBpR2eGwEyWQogxDRkGOprBkRXAOmXux6n99ynQUhxnvGB2zdx
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 29 Sep 2022 08:12:25 GMT
google
match.adsrvr.org/track/cmf/ Frame B50A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAtDPXDyLuc2gpKDZZfUsPs&google_cver=1&google_push=AZmPxg9qGET7uv6AosU3GMTE0MaLfNCNcBozmFPHp8P7YPmjDh14qPNDlYpUJR2R148DzhN_f-1zy5J8iDI-jzU1-L8f9jb7d0Dh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B50A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEORcKqcwHaGPg_1BfRHql7c&google_cver=1&google_push=AZmPxg_zMMrtBJLPIC3uvmcnUXxYUDU9BYeM21kDWglU-ttT8yOITs9CDip9OT05SiQYC4y-OljJUfQfRUZcNw...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTA4Mjc3OTEzNzUzODE5NQ%3D%3D&google_push=AZmPxg_zMMrtBJLPIC3uvmcnUXxYUDU9BYeM21kDWglU-ttT8yOITs9CDip9OT05SiQYC4y-OljJUfQfRUZcNwEpUm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTA4Mjc3OTEzNzUzODE5NQ%3D%3D&google_push=AZmPxg_zMMrtBJLPIC3uvmcnUXxYUDU9BYeM21kDWglU-ttT8yOITs9CDip9OT05SiQYC4y-OljJUfQfRUZcNwEpUm3f58gnG9g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTA4Mjc3OTEzNzUzODE5NQ%3D%3D&google_push=AZmPxg_zMMrtBJLPIC3uvmcnUXxYUDU9BYeM21kDWglU-ttT8yOITs9CDip9OT05SiQYC4y-OljJUfQfRUZcNwEpUm3f58gnG9g
Date
Fri, 30 Sep 2022 08:12:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame B50A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED1aAm7gyVctDZ7uQz5MaSs&google_cver=1&google_push=AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0pNKUjR...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESED1aAm7gyVctDZ7uQz5MaSs&google_cver=1&google_push=AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0pNKUjRw1hRtlQ&google_hm=mpgFpajzQn-n0jP2cyq-jw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0pNKUjRw1hRtlQ&google_hm=mpgFpajzQn-n0jP2cyq-jw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0pNKUjRw1hRtlQ&google_hm=mpgFpajzQn-n0jP2cyq-jw==
Date
Fri, 30 Sep 2022 08:12:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B50A
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHVPaIcPXnBRGi1F0yfKFck&google_cver=1&google_push=AZmPxg8kOhIsHNM5Q3-fF2kq1GsJR9kfjKlssCaR6lmWG9HD-BmZde_BgrdhCiTfMr27Us2XVUffoO3FWkn2SEtShJw1Fz...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHVPaIcPXnBRGi1F0yfKFck&google_cver=1&google_push=AZmPxg8kOhIsHNM5Q3-fF2kq1GsJR9kfjKlssCaR6lmWG9HD-BmZde_BgrdhCiTfMr27Us2XVUffoO3FWkn2SEtS...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NcGQ0NFSTEizGNSfg-8Vmg&google_push=AZmPxg8kOhIsHNM5Q3-fF2kq1GsJR9kfjKlssCaR6lmWG9HD-BmZde_BgrdhCiTfMr27Us2XVUffoO3FWkn2SEt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NcGQ0NFSTEizGNSfg-8Vmg&google_push=AZmPxg8kOhIsHNM5Q3-fF2kq1GsJR9kfjKlssCaR6lmWG9HD-BmZde_BgrdhCiTfMr27Us2XVUffoO3FWkn2SEtShJw1FzWJ68Ow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NcGQ0NFSTEizGNSfg-8Vmg&google_push=AZmPxg8kOhIsHNM5Q3-fF2kq1GsJR9kfjKlssCaR6lmWG9HD-BmZde_BgrdhCiTfMr27Us2XVUffoO3FWkn2SEtShJw1FzWJ68Ow
access-control-allow-origin
*
date
Fri, 30 Sep 2022 08:12:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame B50A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-E3KBYQVMV6qzhYSK63xsBT-YzbU0DunwxHDo7c1fhNDVjFDtrRDRR8VIujT8J3dI7MK1la0L1tk_GL-9JEVQvaXezAsmV&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-5eb3f4d8-4565-4507-937c-479325d5a50c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-E3KBYQVMV6qzhYSK63...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-E3KBYQVMV6qzhYSK63xsBT-YzbU0DunwxHDo7c1fhNDVjFDtrRDRR8VIujT8J3dI7MK1la0L1tk_GL-9JEVQvaXezAsmV&google_hm=A16z9NhFZUUHk3xHkyXVpQw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-E3KBYQVMV6qzhYSK63xsBT-YzbU0DunwxHDo7c1fhNDVjFDtrRDRR8VIujT8J3dI7MK1la0L1tk_GL-9JEVQvaXezAsmV&google_hm=A16z9NhFZUUHk3xHkyXVpQw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-E3KBYQVMV6qzhYSK63xsBT-YzbU0DunwxHDo7c1fhNDVjFDtrRDRR8VIujT8J3dI7MK1la0L1tk_GL-9JEVQvaXezAsmV&google_hm=A16z9NhFZUUHk3xHkyXVpQw
date
Fri, 30 Sep 2022 08:12:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5eb3f4d845654507937c479325d5a50c003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame B50A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbPqF19df8Hgku0PgXIu59L_e1KOWtxdpnyiwP6Sfn3OCHlL5kS59OcDsV8ypTW37jxaV8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1664525544&url=https%3A%2F%2Freurl.cc%2FpMRx4x&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664525544356&bpp=14&bdt=447&idt=104&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=8564256091718&frm=23&ife=1&pv=2&ga_vid=697224600.1664525541&ga_sid=1664525544&ga_hid=1569809238&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=185496731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760912%2C31070010%2C31069564&oid=2&pvsid=3021857933724103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecnxqulzd6eg&fsb=1&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame D249 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 06:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 06:55:15 GMT
index.html
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/ Frame F481 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
423705d020235f060fe854739561f1f3e8f6cf9c4401798c30112fea9928eca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
371747
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1669
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 00:56:38 GMT
expires
Tue, 26 Sep 2023 00:56:38 GMT
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7D8F 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssicKN8ICXw1o8fbw0ehQWx0wuh8a5JkizupftKuRM2Lmaq11vRGZdo-tvuq7VLIgB04SFGc-paCinhVJZrij1snUEJqOyMWINnfAIHOklM9RjZOJHKnj0j7-oiYn1G_T4ibxs7fpIpyZNvOSQgUrtjDNfoWLVE7GjKStG58ks8uHW_4WvFv3li7Qy-27nN7B6dGhW5KYPs5iaDuLZJu2n5SsiKhSlid1mo-WedR8P-RwIe4jWmMNQjMbE_9FqADr-RL_mrqok3VTZtFUCE4-l_LYYYIvXLhHsygY8qzcU9GV4O7ZmyY68isvoEUVkawN2BokWJTyKoCbo5dgJ8PG1H0LEOdW7XK2R3Fh-plNvEZz-z1iTgjVlPnqgJBL-F_a6hyZmzHboKCHdRDYYp7csN_Fyxz-1DWa4vvcEIkjM6G6_9ShC0xsCWdMM21udjFUBMACNrwiQuC3x7kSArRvQVDUwooAqQ1ZjEGQsLZQiCMIXYYVXy8Wzh-dyy2tKl2qHPao43MOtu7apqAwpHxS2PzJHaoZXJY9440P0tSNGr2qAhaymp3JYIHJ8wPcyIuaTL0KGE6qc7tgdY-_deNGYRwVdLPpB36rK4SQscOCjFAmI1gl2oc5bpccdvC907ML19qWhsakhdaRKZIWoFxyHQAo5QFLVSmLVhZ2Q8zhnNQhC2NIl9WfvOPJPRLHxXNWsyEtgLfSKkH18UXFXKMYTCRNZF90XDzI4AqYkoaqXFZ0F-3iSF3DKYGI84FJGDaKHvXxqoXlW6rUIyuzOP2QS0inX5AUTrbMg50NVkUfsXLqi9bgjW7m2iCyuFsSfu-HvsO5J-Fh93mZw4W9fEUvkQgcaL975ed11pXHAP07bgpRZ3W_94W1FKt7HM62G3cIFJk6wWjrW4TNz5_2gWceExOjlpH5h4lCIfZJ6eOxD2Y1Lyk1wKKuh3Y44HRkxtZAXmbtOOZOpO0o0gBq9LZRdgzbi9-ws-oar7Dmo43d6zlCxlEUIZmRZSKzHkM6aTmE5SKHZNMlB2i87UdcqjGG3H9MJXl01lUBFsbcTU9Qp1FOi5GqpwDhhpxylymQqQIvGTAUmZEaan29WlOF3TmNtLRZZgbMbX-M-JPujWsOsw7ATMrj1MhITl1fYgcB-VbGLm94ipqdjbWq2QQjxvZbpk5Zl7QQ1yR9Lv5IxaIxg3Xy7XuG6j37JgIdB0GCOfVnStS4hKHZ0p_h_H4ZQqBjYvLgwiSAOnGfRFqCqKqGK2FH4JvRysJ3ndWsT-j3e2bXYew9ArpJX4OoJcxmEX4BX5NHjkYgc62sn9VHEtTMC3&sai=AMfl-YSg5gdSXycs0A0xnOfcQRG5M8PHld3mctn17-MSxXNGFPf6obpFcPRruK6lV_Z_P8pfOOp8siZQkF0jnIAKWqE5lKvacN0P2hiY7U1KQa5-usro30YvTwfh9FPOKJYVW3G37VfAg96pha1xNPj1-NAYCbc9PJtt&sig=Cg0ArKJSzOuMl9lUTrAEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=181&cbvp=1&cstd=177&cisv=r20220928.37762&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 30 Sep 2022 08:12:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Sep 2022 08:12:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
531337
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame A7A5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=EQaFM3wyei9NNzhXMzJUeGFyRkVUMlhFTDF5M2lWUFd3ZUdJOGhMVVFMdzZzd2JNNGFweHA4SjFWRldoK3lzWDlCazA2QUUwUFg3aHljbEZwRG1mRDFNaC9mNGV6YkFQZUxsRVZoSkdoSlB6VVJIU0xWZmlnemhOT2p1K1...
424 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EQaFM3wyei9NNzhXMzJUeGFyRkVUMlhFTDF5M2lWUFd3ZUdJOGhMVVFMdzZzd2JNNGFweHA4SjFWRldoK3lzWDlCazA2QUUwUFg3aHljbEZwRG1mRDFNaC9mNGV6YkFQZUxsRVZoSkdoSlB6VVJIU0xWZmlnemhOT2p1K1Rqc1hqV3FvcW5MZFB2eVdkSXR2cE9qMFV6bnI0Q2VEemM5bWJOeVBGcWF5eXZlSlF4eHpuTDV5bVNkdlZPajdOcWxDUFZEZ2xOZ2JONnhJSHkzUk1RRGJSN2EyS0h0ZSs2UFlTTERuclVuampqb29HNW9jOXJ2ZEZkMXA5ajR5RTBoNHUyZHFiRHk3OU5CUFM0N0JCMTdHaDB3aGtqN1c5cHdMaWViTVpvZW83S3ltcjFyWT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3ff832c701364201c9f648f60446742b4484f36077f25c3d3ba698b51272a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
819712
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=EQaFM3wyei9NNzhXMzJUeGFyRkVUMlhFTDF5M2lWUFd3ZUdJOGhMVVFMdzZzd2JNNGFweHA4SjFWRldoK3lzWDlCazA2QUUwUFg3aHljbEZwRG1mRDFNaC9mNGV6YkFQZUxsRVZoSkdoSlB6VVJIU0xWZmlnemhOT2p1K1Rqc1hqV3FvcW5MZFB2eVdkSXR2cE9qMFV6bnI0Q2VEemM5bWJOeVBGcWF5eXZlSlF4eHpuTDV5bVNkdlZPajdOcWxDUFZEZ2xOZ2JONnhJSHkzUk1RRGJSN2EyS0h0ZSs2UFlTTERuclVuampqb29HNW9jOXJ2ZEZkMXA5ajR5RTBoNHUyZHFiRHk3OU5CUFM0N0JCMTdHaDB3aGtqN1c5cHdMaWViTVpvZW83S3ltcjFyWT18&cppv=2
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
490480
content-length
0
expires
0
idSync
sync.aralego.com/ Frame A7A5 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
connection
close
content-length
35
content-type
image/gif
cm
c.holmesmind.com/ Frame A7A5 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5vrpbXx5SzZvTkt1b0ZwNTlkelRlZVdsOUlPQTRFOUJUU3ZHUUdXSmdaTDRkTHBLMitrczFhR3JRWlJuOE5VZXQ2Z2dMS2EzVE5KVGo1TU5wMWhtN3VBa1UyV0Ywd1JHUnVUbnYrWFZkWmFTbE1uYjZNSHFaWGw4WHFKUjRkZDZ5OEgyUlFkMlNFVk9NNDJJeXNsTXJhN3JQcTdRZG5KTTd1Y3p2Q2ZRdUlCNzVQRlFqOC9JQ1d1WmgxZVBVSVc4K1NRWmZ0dGlEQ044VVFJMUFSWkRHckN5aTB5ZCs3UU5yQm9zVFBaZ3NVWTdUSnpnSWVGemZqc0gxR3J6QzQ0clI3d29RbTdLbGRWbVhuNk4wZ2tMb2NkVVlocUQzVkxreXZkSENhb2RCZzhRRFNmaz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Sep 2022 08:12:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
639095
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame F4C9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 06:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 06:55:15 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EQaFM3wyei9NNzhXMzJUeGFyRkVUMlhFTDF5M2lWUFd3ZUdJOGhMVVFMdzZzd2JNNGFweHA4SjFWRldoK3lzWDlCazA2QUUwUFg3aHljbEZwRG1mRDFNaC9mNGV6YkFQZUxsRVZoSkdoSlB6VVJIU0xWZmlnemhOT2p1K1Rqc1hqV3FvcW5MZFB2eVdkSXR2cE9qMFV6bnI0Q2VEemM5bWJOeVBGcWF5eXZlSlF4eHpuTDV5bVNkdlZPajdOcWxDUFZEZ2xOZ2JONnhJSHkzUk1RRGJSN2EyS0h0ZSs2UFlTTERuclVuampqb29HNW9jOXJ2ZEZkMXA5ajR5RTBoNHUyZHFiRHk3OU5CUFM0N0JCMTdHaDB3aGtqN1c5cHdMaWViTVpvZW83S3ltcjFyWT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Sep 2022 08:12:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
583201
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/getconfig/ Frame FA69 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0212d8a8bb1042fedb7150881e64cfecf7173aa6e807c624753cd64dd608974f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11497
x-xss-protection
0
ad.css
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ Frame F481 		1 KB
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ad.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 10:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78491
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
465
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 10:24:14 GMT
img1.jpg
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:40:33 GMT
x-content-type-options
nosniff
age
88312
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36078
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 07:40:33 GMT
img2.jpg
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 15:41:01 GMT
x-content-type-options
nosniff
age
59484
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45194
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 15:41:01 GMT
img3.jpg
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 14:05:15 GMT
x-content-type-options
nosniff
age
583630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36124
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 14:05:15 GMT
img4.jpg
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:07:21 GMT
x-content-type-options
nosniff
age
374704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44662
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Sep 2023 00:07:21 GMT
txt1.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 10:57:56 GMT
x-content-type-options
nosniff
age
76469
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6882
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 10:57:56 GMT
txt1b.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 14:05:15 GMT
x-content-type-options
nosniff
age
583630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5429
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 14:05:15 GMT
txt2.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:07:21 GMT
x-content-type-options
nosniff
age
374704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7176
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Sep 2023 00:07:21 GMT
txt2b.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 17:21:16 GMT
x-content-type-options
nosniff
age
485469
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3772
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 17:21:16 GMT
txt3.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 16:39:30 GMT
x-content-type-options
nosniff
age
142375
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9401
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Sep 2023 16:39:30 GMT
txt3b.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:07:21 GMT
x-content-type-options
nosniff
age
374704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4662
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Sep 2023 00:07:21 GMT
txt4.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 14:05:15 GMT
x-content-type-options
nosniff
age
583630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7513
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 14:05:15 GMT
txt4b.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 11:56:11 GMT
x-content-type-options
nosniff
age
504974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7018
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 11:56:11 GMT
cta_img1.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:22:43 GMT
x-content-type-options
nosniff
age
2982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3710
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Sep 2023 07:22:43 GMT
cta_img2.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:07:21 GMT
x-content-type-options
nosniff
age
374704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3821
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Sep 2023 00:07:21 GMT
info_text.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/info_text.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3749235df78b9b38c7259cfd2ec65ab028abef413abacf3136132e7f5b05fef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:40:33 GMT
x-content-type-options
nosniff
age
88312
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24639
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 07:40:33 GMT
logo.png
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame F481 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:07:21 GMT
x-content-type-options
nosniff
age
374704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4246
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Sep 2023 00:07:21 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F481 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Sep 2022 08:12:25 GMT
ad.js
s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ Frame F481 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47d8bef38af843704c4eae28e8b4cbc3b4b56b1564b934a7c11499f41a1a9a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5958565599956564489/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 14:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2717
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:46:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 14:05:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FA69 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 08:12:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D6E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 07:26:40 GMT
expires
Sat, 30 Sep 2023 07:26:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 201F 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e5cbad320e4b87dc89397baf0901597ab956b36cd72ecb566a2390ee119cedc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mviR9xablJjEFZkqdCncXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-mviR9xablJjEFZkqdCncXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 08:12:25 GMT
expires
Fri, 30 Sep 2022 08:12:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame AEC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=4428012310141551&bg=!s7ClsPTNAAYQgTJdMIE7ACkAdvg8WntOyFbzSGS5_-aYAlbISwUM8QEwiCSnzIVdxlKll4oHHMdx1AIAAACQUgAAAANoAQeZAv0YYXnUG6dYFhPqB_C8qQQEJalVJnApmV2EeZq5pYDOqH56tmWAxcThc-jPSi0eXk7MjNeZQuq4vXIWb48ZCErSlEaBKW2FkOpSt7CGGSBfED5lS_T_vWwWyl23fXqkUebK_jFzuzNtrm_jTXcpnhTt1lcgl2RBPE-B_-iPRdxL2KQwhHocP3kPphImeIfhlLZn0AUH1yhVIX7xYH-uTCsIlqS6pYAHt9Z0uxfFHKKGMFyvTT6MZNEeng1BD1HFj1TN8F9zfslFQiZJFDKOxBFKkU3wxDyzDNRKFhefBIpwvYTCfJBVsvmS7giyR8j_6HrAuVDyWPazfR79ordLfZoN92JhIrM3-x38aj280AsKUvpCc1GxjMKWViAL4jBuZe2oh4SVLPe66CG2tOwtB9jtb2HllogJBfYsKtpYy-NYUHWH4SJCqLHMbU37jGZoPs27CChn4x50Yp_2w2C_dMBmGI2v2hun8oZl9om_Ld_XTKaPa7cf_7cVVTGVdpiRq3wngYFm7v0R9g8risryQ2mfInWWwwOgTXY68YW2VsB0ASpASiH3qDMJzkvA12O3-2Ql4S3B6toydx7-p755C9PaJeEfNpwop1luPu_BlTlpf8yT_jW-5VP_g4kZIXIJRHw5e1HwLLYgonE3qetPbcOHU1lAh9TJBIRHXaBvz7hzQxx-Y-DOJWKIRE6uI7REChtP3cPUXSdRzMQNN57YZfRUHG8vbFJSiVXd5eEPnthxIPY-878QboEKjQpfGeHKyov0EElQOz0xdQzuh9LWdlCOIY3wK1SjvL8q2LQVXXABmPiBRQlmznaSkFt7H-KyY120QVL4M9wvK4sh2s95rprVNVPU4puPFjw3IfN81XiqDSZJWUFoj1bd1O6Tooc9Dof8buHo1syJXmlJ0vGEHBTzWJjeq5vcgEamwcIbmLrFMoD8lW_JaYb9kl2IhPz9yM4VIEkpYovxMWOgP_cFoB8URzjLyD-HF_HdT2G8LVbmDju02HDd3gzyg_k5sfo
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame ABCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=4378894702526501&bg=!vL-lv_vNAAYQgTJdMIE7ACkAdvg8WmWCB4_I1Wwy_KZirwh0CqkEFZ6LQATH0t4v_lIZDB6XhY-yKwIAAAB-UgAAAANoAQcKACQFLkVaiCcx7T1BM5Pb0Sa5UeSn-f7YRU-nzgA_rK3OffHEmWmZAv7iemYuiw0ekCqXP0e6doGYgpLpLXBz5aGlE1rIF1qAWTWg4zKgAx5pjkYtCl2VSdDF2KAVNqZ6_pPCsFBtrdYldcf4BvMbPFRqWnX4HuDr9AoriMPBQ3SzHYZHzEMRyAb_y-NX8-f5tHr9i2Heq03EDZ_AYpsFn3-5hp2cid6IKuAUHQz-WNOdyg3wo4wMBNOxfXYRxCUogmqOVcwrulqeRUz7TUuKF38-_IEQ8xzDGJw6-9Ul4h_inGvwJ8jHiXo4sGeYuj_5Rvro6PqFV1MZS_zNa64hD1IYU3KJp_ztgQTo4qNNHnyjG2bXbwTASr0dmAWW2Tq3NM_I2GDsCzPAsVVu0ukhPSzXcuWo76zUgO3OGWDUCN397EUChIno6J4B_HzdMCO6THBjnxr3UICd-dsIXtKyFtQYf7s5wfggcFAUDPijFHG1o0DrTesfJ32zo8KFI5oJaV3aOQZolSelOQ0xD7mK1qt4m__3zQYscc1a1O5p9SfXQVOJQTsn4yaLjgTFDFPP47xKj5CiZZv-UAh2ts2XQxI8lZYAsNKc4kcbAHwgbpy940wh8kRvwUM19kGDXddWt0McWgP2fWXevejZf41kh127vEGQw4_8Vjc3Pt5puZQQHHnoF1hvQjYh9n6D-H_by3Sjyp1HU21qBRfNexCT4tImogGcnlwnDHBMJp29tj8bvrDTgd094F9yHrdQHtSMqBCz6_OsRoawLGS52NhwGL9V3ZAOz2_PfV3XQgG-aQW0lG0XwXcrrNf68jBK7OItz0w4UogXt3jAyK0qJU54WD2JTxABPacqEHsjJAOdNAB0vwktP8v-E92nyVivVF_C8i-04jLlHPdU3YsW-wxsMHw8b-dZkuGI83cX--yh0pV6Xca3hF18kDxvh1z35wux7R8M-4BEpz-OneT31yiRcx50OELwLYTmmM7e-w-6ZXdc5D5HrdN-FUASB1lJvnPxymN1SwT5U0MZGNLEjf4z5JL2Q1TqdYeWgZQ-int0IlV697rEsT4t
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 7D8F 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssicKN8ICXw1o8fbw0ehQWx0wuh8a5JkizupftKuRM2Lmaq11vRGZdo-tvuq7VLIgB04SFGc-paCinhVJZrij1snUEJqOyMWINnfAIHOklM9RjZOJHKnj0j7-oiYn1G_T4ibxs7fpIpyZNvOSQgUrtjDNfoWLVE7GjKStG58ks8uHW_4WvFv3li7Qy-27nN7B6dGhW5KYPs5iaDuLZJu2n5SsiKhSlid1mo-WedR8P-RwIe4jWmMNQjMbE_9FqADr-RL_mrqok3VTZtFUCE4-l_LYYYIvXLhHsygY8qzcU9GV4O7ZmyY68isvoEUVkawN2BokWJTyKoCbo5dgJ8PG1H0LEOdW7XK2R3Fh-plNvEZz-z1iTgjVlPnqgJBL-F_a6hyZmzHboKCHdRDYYp7csN_Fyxz-1DWa4vvcEIkjM6G6_9ShC0xsCWdMM21udjFUBMACNrwiQuC3x7kSArRvQVDUwooAqQ1ZjEGQsLZQiCMIXYYVXy8Wzh-dyy2tKl2qHPao43MOtu7apqAwpHxS2PzJHaoZXJY9440P0tSNGr2qAhaymp3JYIHJ8wPcyIuaTL0KGE6qc7tgdY-_deNGYRwVdLPpB36rK4SQscOCjFAmI1gl2oc5bpccdvC907ML19qWhsakhdaRKZIWoFxyHQAo5QFLVSmLVhZ2Q8zhnNQhC2NIl9WfvOPJPRLHxXNWsyEtgLfSKkH18UXFXKMYTCRNZF90XDzI4AqYkoaqXFZ0F-3iSF3DKYGI84FJGDaKHvXxqoXlW6rUIyuzOP2QS0inX5AUTrbMg50NVkUfsXLqi9bgjW7m2iCyuFsSfu-HvsO5J-Fh93mZw4W9fEUvkQgcaL975ed11pXHAP07bgpRZ3W_94W1FKt7HM62G3cIFJk6wWjrW4TNz5_2gWceExOjlpH5h4lCIfZJ6eOxD2Y1Lyk1wKKuh3Y44HRkxtZAXmbtOOZOpO0o0gBq9LZRdgzbi9-ws-oar7Dmo43d6zlCxlEUIZmRZSKzHkM6aTmE5SKHZNMlB2i87UdcqjGG3H9MJXl01lUBFsbcTU9Qp1FOi5GqpwDhhpxylymQqQIvGTAUmZEaan29WlOF3TmNtLRZZgbMbX-M-JPujWsOsw7ATMrj1MhITl1fYgcB-VbGLm94ipqdjbWq2QQjxvZbpk5Zl7QQ1yR9Lv5IxaIxg3Xy7XuG6j37JgIdB0GCOfVnStS4hKHZ0p_h_H4ZQqBjYvLgwiSAOnGfRFqCqKqGK2FH4JvRysJ3ndWsT-j3e2bXYew9ArpJX4OoJcxmEX4BX5NHjkYgc62sn9VHEtTMC3&sai=AMfl-YSg5gdSXycs0A0xnOfcQRG5M8PHld3mctn17-MSxXNGFPf6obpFcPRruK6lV_Z_P8pfOOp8siZQkF0jnIAKWqE5lKvacN0P2hiY7U1KQa5-usro30YvTwfh9FPOKJYVW3G37VfAg96pha1xNPj1-NAYCbc9PJtt&sig=Cg0ArKJSzOuMl9lUTrAEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=553&vt=11&dtpt=372&dett=3&cstd=177&cisv=r20220928.37762&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7D8F 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
403e9d5ba3e951e3d5b280a74a1a0dc072b98c73dccdc7689989f3971950675d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5877
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 201F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=3002605275570105&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7D8F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 08:12:25 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 7D6E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 06:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 06:55:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D249 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEna36KQ2Y_-4OOSEjuwPr-6Q4AcAAAAAOAHgBAI&bg=!2Nul25_NAAYQgTJdMIE7ACkAdvg8WiE6vwWrroklPJq7HPGH9bmlYhbH7j-dx5nuaYc5YiYA3hv9QQIAAAFiUgAAAANoAQcKABCURudZMicAE643jAt8-3cRmQMgY6O9sMgVWPUwujHCq4fD8uCgUzKqmiGtcMWESSkzj9-Xfhia0NGrCG_tiomhqPPx6Qmq53AB3hDjbMdSOXk8yspJNVSlBpQGCqxtIPWZKtUGt2uB7AzGPoQO9PZakJ0cMOadeI5L13UIfQ5ka0VNI24Mys-_sS0EkJIynrrXUFdoaySLN_guikgX3NVB4XGogsD9g66XE2_AqiiqANjDmbAp_ITCqxtiPUpULH-9juwLofi1r0sWIb8d57843OzMXI3DhT9VWtrWWgP_vgkVDcoGoTx3AuHlhtgOFimBEqjYUFNkA5d5Rz3ttcPKqnDH6fnD7B4GsXVmP7klKuB6QKGF4NsPHxH9txDPvR-G82Yzg3WcKfdP6-SUfqMuOs1qbLncosO1VW864uQPhizRQl-xuSNhHa0-hegGbAcnERjHuq2yr1VV_nmWy0ctr2SFbMUsgbiiHuaa6bRqNiOZ0iDpgFPRo3_TlpdgRF6ulGvxXRsi9BHMo8Q0ftBBptgB0A8vROvs4VrClTAQOwcMSeE31TYVag8SzoJYIvEwSH1h_8TUHFCY-hx0OJuQHdM5Ci29-I5ypvQEAjs12p60DKjVp87Gygn6K2BIFCebrUd-AI-Q3c-3ddDjLf19f3S-rxlZIbWN63CUUfv8QYU0EQMq_sz4dsg_scG_z2uj19_WndZ4_ewruhlK-24QVYMMri6dw4-zdUyUYjS1jELRbS1uujTh_k7KIYqMZ6nyPeDhNyPONGiS_tBJK3J31IOTwbi6imi3yax_Y0CQkqdkvMJr7HfxWZrQFBfoIfIVAYrJGTFba94lJfl7al5t_s0lqGb9EsrxNz-7EmmeqGIyFwo3WeBPBBeOL4xGPn3UFcGCWKffa31ZV3YioM5F3OPDRNOvTY6JUAioqyMTXgE9w6NrscIUBhZUP8hW1BXFTgB8KDkLk8JxmFpjRjrWg5Br1AYUx4cg4MhF_7C-Bku5Tce5TcW4mq5WwNGjcJbSpPwceWBZ6l0O2Ff7JW6juwuQTWRpo7JPyTQLGyqokNtFBMtTaRpGy3vrMzaQEh_9Xq8
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 87C7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 06:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 06:55:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4C9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bze__6KQ2Y_bDOMfP7_UPxtuAmA8AAAAAOAHgBAI&bg=!xMelx4PNAAYQgTJdMIE7ACkAdvg8Wm0Tb4QlovCfhGnuxZ3nQbnNJvoh5e_0sNHWWc2grF8FFf-O4QIAAAFcUgAAAANoAQeZAxxLmULdxZy61xdKNnejEmYxdi5vaLZV406hqC6KP3lqcHVj4i8eaYVy2oKx9zT18OpnrjvHm9AQs6eIwb1OxjT71E6BwonRvSG6HliUlalC7pDLiFvOkB2gxsk2_R3sL3FQgQd55Sc7O8R0H2le0UI2Lh0NsPy65wPyUcZQR87zdMHtb_0iz9x9gvAT0qXSgcZWCQ-jVzzCNMoZrtJbUH4G_7G0nHdV582s7kjOlUo8n0LO-2qzaKM3lPrW9lAjOSHNNXJicI460XGLBAc_x7z61tiptR3kGmP31dZUpGRqIWULrh72D9R3UdhaKZzyAwka-J3f03kpur5xPJai5nU0rylwvKkUBRLVcehNU8yAf8t54tXOt-nzD02hJfCFdpGXhAVo2k5qizddlDMzZkC5IO2DT3tU_VMPdZWVBoe3_ExHldAfNqponr9tsEeoLkcZW5Umc_rzs4_5PSsSYZbv3xLZ6D4q2JBQnRkX7w6x32Jc6gjP1pnY7kZy_f4xbimGZIUFpdvbBHCFPb0yAI-XxSzr88rwk9hI__h8R-gKpGzyioW8on9TG-ImbhP3YF3ibbiWdvjW6vTNH2oQuRsl1p9sDwoWFTOq6z-ViEMabGFz8fAeq_LV0dveZsMYScvWOxYXFiBY28Cy75v7Kd2tRysfhO3-iVcrdMw__c7Jnhq7oHwk-cSylWZyfGkxEXsuCKFf8axUDqlBQn3YEgOnWVxedvJi1oUlxkkm3B1oEC4p8msdYUc_VTwbamolb7u_EH_27TU_cwiKkSksvCJ_v-zJU1vYoOIbJ_KwU9WOIx2uGxpUC4Y-FHM5ED1uZXBt4duX6aJ1NbBFaHb-Tb3z730MIp6fhm8VV5nLNXCY5mgmLd46-QPm4y4AsYV2wl6_HZFbxoYL4kGJ0t1OjBT2ks-kcHyWgkS21JXj58UJhYCUkNIq_WLhks6b96XTb0z_c2vYsnRIHg5eXqZaH1U1cju0vdsxGzYk8OPCp8YLiig0jKzqpftmKCtOj6LBlY8rQlGknS-Qd8IZkbCwpXN_p4BsSnjJFog4Q6Nq
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 7D6E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0c4JKA
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:12:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D8F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssK_BUo92HpXQRV9-MNQiZRQqv6o1tC9j4KDugDIGdDjxiTTWUbBb8WMBlIFQES2aseDUjH24hjBBBSLcbP7_VS5W_T1z-u9Y6iTyWeHGd5mMErFjfrL8SpWd6Pjo1i0t7Mt-RIGg&sai=AMfl-YRXIQI5dy3Ndxmvk5lJbpCitUW3urY3t82eI3lpVYglv2H21y3t-4fgv65aFS74kaCkLv4_jQj-jUIugDPw664S7uXze_jGjlD8MA&sig=Cg0ArKJSzFG40YFs73nSEAE&cid=CAASEuRoAX4XiIwk3y65pDumITzdTg&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3645501049&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664525544481&rpt=753&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 994F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5ESpm0qZb0Lje03uWMldumbkNiWLy4JRy1zP5GweBcPeChlAeXXW0RNYGgKcJG6hufpMu1hoLR8i5BxpEJWSsoEVWYCWrluzRLTkWY6qQmsjLm6ElCU6sZ478ceh7eoNf91n1Cg&sai=AMfl-YRORnmdfx65XMu0yeH74E1zpeHai8z21_bAA3Sz1wfS7ZOHOIxTFfYGSJwShzLv33yp5Bzr8RZn9Pf4DSIrB1-nUbergNzL6tdZxw&sig=Cg0ArKJSzPyYMdmaQQO7EAE&cid=CAASEuRotTIcHyyEhgh7P8MzF0ukRg&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=727071374&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664525544530&rpt=722&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 08:12:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FA69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=3002605275570105&bg=!9_Sl9LDNAAYQgTJdMIE7ACkAdvg8Wr5b8lA7-hYIZbTe-j3sn7PkujcKfOWu6OvIxiPhjV1ktChatgIAAADfUgAAAANoAQeZAw0ArPPg4cX3QY-icVqzjH55ZTJQo8gCjGQdb5TAP-FtCxP7JkFI0qjDkkCKPCexWM1Y3ZIUqc7cVM32YuumqVYi-nGuMIYgUw6Y8PtIzlAH7SkoW0w9tJYYXwf396725GYI4tbvGE7jr_9g1xzjw0wV2I4zLuLyZHMjXpyOeu3zhctnppACKkAJUGC4kj17I9azsLkz63FVZYlXHOMuZalur9rxvodkNXl3x-zt6LVUBLwjT3UC2ujZZRiEFfRPOkUetabo8tLEM5676snCp_43e3nu2obr1FMUeilDaVhyzfy-kZE36TTKGmV0-kl1y6PMplH306L_DUs1zgQNivbYFFf6GjslNtOs_ntpyti0z8yP0OOvvhIfYwZicFn7eJ-MlxWAwpJ2YhENuIXQZR1AGvUFF5K0guJerXR5cEiOW8jGXJCFmOWo6ZzIRWEuLOllGp6eNKa4t8ZHLcA2qYt4oSOnu5MjCW43g6QiLoJjGKKMLQyzvFdsC7sIUvC-ZpEa_ccL0fURaah-qTFsqTumwcyJ3gNZ9CC1qYJ3E7Gs9zHKHYBzzR8xnFL8R6lbCh_Y6Qd59yl2mQ-ZSfpazMULmVsjI9a5UrsxiiNqPA2xKB2FXJ9y-P_c-QUZLITtt1ARBi1q0UQoPzuKDGP1E_SRozkJs9q2X6Iu7EnoFn1aClbMbWeBLVaSz033BLvgjl-heXc0uH0UE8mCcPw0B-c7PT-Xwe7PDtQfI47FKGXM8BSep7hoczhB4Tpqy7fMLhtEdwFG5vGmnSEtRpo079kC4bbx4ggQhZnIso0i6KjgoCw-sJP6gLTvb-FUy5QZISMqnGfSP7GTMKlxha8IjH9DhkdWolqe5Y8MtGj-0TaYMO4-0pbmXrnP4yjUp27DUN4Cou17TGiKZ6NMkSzG8TK32r6ANh0p7WbeaQryu08L8jTNEVKwKMtrERtstdTxIrVdhEMudtkKgEd9d56RNNvZL2hbLZNs7VcVDlLtHSfnXt2aKW3WWbaT9_-Hcl6ktd5pWC5AtLN9ue6ZGjHe
Requested by
Host: reurl.cc
URL: https://reurl.cc/pMRx4x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga object| SD object| device function| sitemajiDebugger string| adUnitType number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ElandTracker function| stfpjs function| cookie_mapping object| Scupioads function| hasOwnProperty object| scupiosdk object| criteo_syncframe_state object| hitag object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

54 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _ga
Value: GA1.2.697224600.1664525541
.reurl.cc/ Name: _gid
Value: GA1.2.1867703573.1664525541
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _fbp
Value: fb.1.1664525540578.1744440238
reurl.cc/ Name: CFFPCKUUID
Value: 7131-l75Sl5nKh15ZycRKJ9nyRNgujcPY6Fff
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 1930-jGqgaPnqwMamN1K4gQnBQ1rECvZ5GA7l
.holmesmind.com/ Name: P
Value: 829572-s9wC6KRrJOJv5cMKI3qOOipmMcGOQf3J
.holmesmind.com/ Name: Vision
Value: 20220930-23:59,20220930-19,20220930-19,20220930-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.prnasia.com/ Name: __cf_bm
Value: T53vDpam0w.1BYircin5dxvA.ebPQRsk9USv751pOiA-1664525541-0-Aar3cAR/UIYE+yWOz4OOA8hxpXFetuLOh5vxjyqo7u1Y/6ugaxnsE96zJGcXKQ7uRqEY+P1Hg5jiQq4lTG5xIBQ=
.hinet.net/ Name: uuid
Value: 7b5615bf-1a35-455a-bdc3-f9e13f83816d
.reurl.cc/ Name: _ht_a546ca
Value: 1
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: _ht_50ef57
Value: 1
.c.appier.net/ Name: _auid
Value: obw3lK6-DlCVgVP15qQ2Yw
.doubleclick.net/ Name: IDE
Value: AHWqTUn966biWmSTScMe3KQG_vfA3Emk5WtqBOG_rKw6aTGT3Uj7nHKK2m3z_jNWNG0
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/ Name: _ht_hi
Value: 1
.scupio.com/ Name: fxc
Value: 1
.scupio.com/ Name: OrgKeyValue
Value: CZA20220930161223957882
.scupio.com/ Name: gx
Value: H4sIAGcVN2MA%2fxNmYGDg4uZY1tI2aePGidYCrEIsHPYCTAAlr9yYFwAAAA%3d%3d
.criteo.com/ Name: uid
Value: 5ec4ba9c-41e3-41a6-8409-f5caab879a83
.reurl.cc/ Name: __htid
Value: 7b5615bf-1a35-455a-bdc3-f9e13f83816d
.aralego.com/ Name: sspid
Value: 3302a3d5-f0ed-3d90-bb38-484021093cb2
.yahoo.com/ Name: A3
Value: d=AQABBOekNmMCEBh0BhwQOpa1TKo2hQmu6SIFEgEBAQH2N2NAYwAAAAAA_eMAAA&S=AQAAAv2FjpP8x81Akl1mLQOOWek
.scupio.com/ Name: gxc
Value: 1
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.reurl.cc/ Name: __gads
Value: ID=cfbd3546abdcc4ce-22b5790035ce00a5:T=1664525544:RT=1664525544:S=ALNI_MbI0Fc4tND5NmwWD3Dde_fbO2piIA
.casalemedia.com/ Name: CMID
Value: Yzak6Cr5vkJRVBzHhc-wEwAA
.casalemedia.com/ Name: CMPS
Value: 1141
.casalemedia.com/ Name: CMPRO
Value: 1141
.adnxs.com/ Name: uuid2
Value: 8268630381538418630
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>9t'+(N!]tbPl1M>e)ZlrFUfJ+tGXxo<G<$]=N!C#oA1wh6<8yMwY8/2B]5+tF`v?u?3If)y3KL9D3I?+(CTYni
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5eb3f4d8-4565-4507-937c-479325d5a50c-003%22%7D
.sitescout.com/ Name: ssi
Value: f05a60d9-2ae2-40fc-a622-2b8b3e838486#1664525545188
.bidswitch.net/ Name: tuuid
Value: 9a9805a5-a8f3-427f-a7d2-33f6732abe8f
.bidswitch.net/ Name: c
Value: 1664525545
.bidswitch.net/ Name: tuuid_lu
Value: 1664525545
.w55c.net/ Name: wfivefivec
Value: 204zU2yr1OEb8d5
.adfarm1.adition.com/ Name: UserID1
Value: 7149082779137538195
.360yield.com/ Name: tuuid_lu
Value: 1664525545
.360yield.com/ Name: tuuid
Value: 35c190d0-d152-4c48-b318-d49f83ef159a
.casalemedia.com/ Name: CMTS
Value: 5168
.w55c.net/ Name: matchgoogle
Value: 5
.bidswitch.net/ Name: google_push
Value: AZmPxg9c4IIJeu62qzA0-DMS6tghoEQMYjoqdlg5rB8TdFVyKol08Kk8ihwOK91-LCVMckn_wmmGO4yRSTZNM0pNKUjRw1hRtlQ
.sitescout.com/ Name: _ssuma
Value: e30
.simpli.fi/ Name: suid
Value: 2CD3AE38F7C144C2A581515C44B950B5
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5eb3f4d8-4565-4507-937c-479325d5a50c-003%22%7D
.mathtag.com/ Name: uuid
Value: abab6336-a4e9-4b00-a677-7087214fd0f5
.mathtag.com/ Name: mt_mop
Value: 4:1664525545

1 Console Messages

Source Level URL
Text
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0342d0927e7bae31297420a867da69f0.safeframe.googlesyndication.com
7b5615bf-1a35-455a-bdc3-f9e13f83816d.t.ssp.hinet.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
c8a522ee-a7fb-4437-8501-e886795b0a78.t.ssp.hinet.net
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
creditcards.com.tw
d0fd612faf23e498f893d32c99e1ae73.safeframe.googlesyndication.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fcm.holmesmind.com
fp.holmesmind.com
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
ib.adnxs.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
match.360yield.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-apac.rubiconproject.com
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
reurl.cc
rtb.openx.net
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
sync.1rx.io
sync.aralego.com
sync.mathtag.com
sync.targeting.unrulymedia.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
fcm.holmesmind.com
103.132.192.30
103.229.205.243
104.18.18.126
13.227.219.8
142.250.186.34
142.251.39.2
162.210.196.208
172.105.220.23
172.217.18.2
178.250.2.131
178.250.2.146
18.157.93.190
192.0.77.2
192.0.78.135
192.0.78.236
192.96.200.41
203.75.214.136
210.59.219.175
210.59.219.180
210.59.219.181
212.82.100.146
213.19.147.45
23.205.235.133
2600:9000:223c:8200:0:e06c:e940:93a1
2600:9000:2368:5000:3:1794:2540:93a1
2606:4700:20::681a:567
2606:4700::6810:fc04
2a00:1288:110:c204::b000
2a00:1288:f03d:1fa::2000
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a00:1450:400d:804::2001
2a00:1450:400d:804::200a
2a00:1450:400d:807::2006
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:13::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::485
2a05:d018:d29:3602:870a:9263:699a:3d34
2a06:98c1:3120::3
2a06:98c1:3121::c
3.123.196.183
3.33.220.150
34.102.176.152
34.117.219.39
34.95.67.231
34.96.119.68
35.185.130.121
35.186.215.140
35.201.76.93
35.204.74.118
35.227.249.156
35.227.252.103
35.244.196.223
37.252.172.250
52.50.55.155
52.68.234.1
66.155.71.149
69.173.144.139
69.173.158.64
85.114.159.93
92.123.9.160
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0212d8a8bb1042fedb7150881e64cfecf7173aa6e807c624753cd64dd608974f
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5cbad320e4b87dc89397baf0901597ab956b36cd72ecb566a2390ee119cedc
1219005b1ac715570be263a42b98d63280456e8fc7fcdfdf704536cfe5f9e9b2
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d28f06564d970524c6ddd30b8a2d3d0890b10333812e8376a435f31c59910df
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
21f78ead9deceb0b94c3991d73f75d593f1c05cc3e6324eab58434177bbd1561
221e485bf86ac18179bf20bdaac320a0a993dde0425cb4462b7e4bc71f1f1250
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
25355805f44af99037c6b951f9afd762f5fd74eb126aba4b2f82cafa563c0f90
2580afa638fc441b047207ff013a641307c3f71124de626dd0aaab1fe2fb8ef7
26c7117cc5174fc7f607e0c9139290593452e5db4ac76129af7d671f16fdad9a
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
29899339f0c91437b73d895f3ad5c3cf5042ba1a9f9165c5d2e56f1c87b2626b
32326e1e80d9a62f25f0e65158688452faec650285acda8b1e14c4dae43c1124
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36faf3fe37ff5fdf4a6b58f6f6ed14fec6843d05b1b243054466a72d19cdc51a
3749235df78b9b38c7259cfd2ec65ab028abef413abacf3136132e7f5b05fef9
382baa8521cea4159a4e7f534e6147d15f51b8186157ab8904285c118418b60b
3ad815e2a0469395554c5dbdc363f489dc23ba6f484217a9b89a93d5ad633d57
3e192246e720d2e29f8317a78010c8ab4e44b8c5e7980202134ead85526153cf
3e25ee4fd42b9c3dd0c88da6b82c290f14eb50e640691a0b46e159bc6e27e294
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403e9d5ba3e951e3d5b280a74a1a0dc072b98c73dccdc7689989f3971950675d
42198d92a91f53e8bfdc3d8556bb0c3d8fe0126d9b2ec2def2e74866d215343d
423705d020235f060fe854739561f1f3e8f6cf9c4401798c30112fea9928eca8
4364f1bf10762c235fd85e3e26d00cd7c84b767e28ce2816ffcf2f4d7b6de1cf
44cab9c958b8109d751bbd77c9a6e415e88b657f14c7830153f8f1e4cf11498e
44d93cc675a184534692d920906aca8c45459eec41ffda2edb7541793c4bf9d0
44de4925b7fdfd5d0844a144ce7c0d4e0373939c4d33e576c408b3f8715a6f25
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba9f71f94dd3ed2cfeb67bf7f428bd2a2dac31dcd62806805887fcf0c6f2412
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4cfb2fc5725c2717da03dfd1f68847cfd3e194b6aac29bb4630ebedf242a76eb
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6b9f9190317f2597bd32c47ee858339ba2976c16ab7672ffdd6142d43f8fad
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5e0c4b65a9aa656ce5484dee823c78de192e6b3fd64eab5317713ff31325c89c
601ee3b6c89032b8db78375d06c726c00d44ba3c19a793accb43713616c0a20f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b1f0416c870a765b275a92d20b350ba2697d40004df32d8684d0ecbee11cad
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae8ce462f975d0198fb69c9a4c63c17e6fca5ee6e339ee7ae8ab1981acf707e
6cd0f2763e32559668d4e53ef9f590845d486bb72d5a240c6fa082ed7b389748
6d3b83262b34195dd14e7446a0bf8ce2d9c85351a270ce9e1eac07149f7a3881
6d68236bc0e24f4f31bdcca035f7e7db11a06a798acd278412e6e5e822d282b1
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
772e052ef54499e8fc29c4114781b2a14316e07fba9960d3eeb73b7c0f6f81bc
7ae2f5b5d641c02de5d3222990df1b555a4a41f06b0eedac42b7f5e984454769
7e44db14ad0b623e7662bf53489cbe60df557cd579eb47aeebdce630e83ba6e9
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
828b7125cb6de19959974d7b57f742ca8198afe9ebd72514f0a093a9f07d074a
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e
8403aab754a9cfba5d122568666dd158c2b9fde155059ee4042b9b1e3b4c4eb3
84bbddf6fd8d392ce40cc7371e17e992dae9204480bbc111249b7eb88c6b8a36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8a19b11bd4d96df796e6e2ee6c8eff6fe330664fdd0938a86d8ce0933960d8ab
8a3a7e1d445c0dd6d2a2ece3d01ec89e28bd50fa677af20073ce9a832b5de4cd
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1e6e7524d6b0ff92213bd9173940a37aa2a54685e70532da2be2cad218dffb
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f85e51a2f3c094fe6816857f185ca3f81647b4a74c6b06dd0df82e1d7455771
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
97196ad19e29045d3f7146aeecc44e0c9d7de591d7556cf2ad4216151d071d02
9723aedcc6c8f5f287e40b8d74da3d8c3f500ecbcabfc1b12b5a930cc96dfbe3
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
9828988906318b6d1038cf6803745b6d90d3e0563db2e911d838a1f45f03e76c
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b00d4d2551062db43cbdd242cff127512527c98a70e4e3dc67afa0d0e2c108d
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9d5c007ca975b1e1d932bc558293c9e67cd0cb1e60c15109f5a7fa200e758f11
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a99ec75522caf93bb77147885f95a529dedfd129a1739a6224c78a8dd7019de5
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
ae4685e3574d3a89cb76db8e67ad6c70be7433d348d99b04410406e814600dee
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cfce40888f1fe9452e3f51902873d2f6a93458bf43e072a5042e3f266cc8e9
b429438dd63082fea235b371b0f0fa5af218416317bbeecfeda2786e581d1e7a
b85b761da9d25eeb0443fd8198695a49c10bcf41d8170f01df90259041298aaa
b91628e186ca28fb53aee67e8143e11862cee82c20faf22301b20f0e4f44381c
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
cb24d23c813cc94bb450bd68e06680af143157c407d61e4e9adb534e87a188cf
cb559970e468315ee6536be649b06177402e61e08f44baf23dcea086050081a4
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cd4a6d8ec8af2e2b8cdc5ab4c1459d28a533054c24154872206ebb9a0a692912
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267
d3ec926923e2d5603266c956a9c8a780141e45d4021b477dd9dfd2c00a18187a
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
de9f8dab11d4980f481a5d0b899aefe243ea2027560f1ba4a10796816c9516f9
df9fc79b33d0fb734e48e321d29f6ec2eb038bc8996d098c9ab5858717ceede0
dfaa33d965a5adf05a2ab421e30a3fbceb274c0b28c2884542cda3a41e270764
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff832c701364201c9f648f60446742b4484f36077f25c3d3ba698b51272a43
e41720e8fbf233f34e588f1b688ffd167db7ec00d29fc601f88a99d916c70d85
e47d8bef38af843704c4eae28e8b4cbc3b4b56b1564b934a7c11499f41a1a9a1
e7720852704e8bce1aec7b9756d9051be8392a85b53fabd923442208e8031001
e78c5380563a8a078ca08254718d91472579bdcd61e6b34b1dfacb0f786ed213
e8a98763d7b8f26a3bcec2dde06b27f8f1b21644909ab0903e62678d4ee7193d
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
ec5392b0cfae1e9da875ec4e3da58729772508fe5584dbbf5f4d98d5a7161842
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf