Submitted URL: http://reurl.cc/zZD6BDe
Effective URL: https://reurl.cc/zZD6BDe
Submission: On September 19 via manual from HK — Scanned from DE

Summary

This website contacted 62 IPs in 10 countries across 46 domains to perform 353 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 220639.
TLS certificate: Issued by R3 on July 24th 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
70 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 127935
fcm.holmesmind.com — Cisco Umbrella Rank: 137871
c.holmesmind.com — Cisco Umbrella Rank: 99091
adcdn.holmesmind.com — Cisco Umbrella Rank: 128862
ad.holmesmind.com — Cisco Umbrella Rank: 87976
fp.holmesmind.com — Cisco Umbrella Rank: 126094
m.holmesmind.com — Cisco Umbrella Rank: 214739
ccm.holmesmind.com — Cisco Umbrella Rank: 330050
213 KB
43 googlesyndication.com
pagead2.googlesyndication.com
c71de566b756a18b0a03ddf72d0ed323.safeframe.googlesyndication.com
b7512aae327f6d33ffaec59ae189f03c.safeframe.googlesyndication.com
tpc.googlesyndication.com
555 KB
36 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net Failed
371 KB
36 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 83037
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net
28 KB
28 scupio.com
img.scupio.com — Cisco Umbrella Rank: 75843
bw.scupio.com — Cisco Umbrella Rank: 123335
prebid.scupio.com — Cisco Umbrella Rank: 65800
rec.scupio.com — Cisco Umbrella Rank: 133028
346 KB
27 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 39819
gocm.c.appier.net — Cisco Umbrella Rank: 2373
4 KB
26 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
21 KB
16 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 19002
sync.aralego.com — Cisco Umbrella Rank: 3193
ads.aralego.com — Cisco Umbrella Rank: 30433
6 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com
4 KB
10 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
119 KB
9 2mdn.net
s0.2mdn.net
100 KB
9 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
eus.rubiconproject.com — Cisco Umbrella Rank: 564
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 30562
22 KB
8 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
272 KB
7 casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6 KB
7 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18967
1 KB
6 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9047
89 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 220639
6 KB
5 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 9118
geo.yahoo.com — Cisco Umbrella Rank: 1409
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ups.analytics.yahoo.com
3 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6352
adservice.google.de
2 KB
4 adnxs.com
ib.adnxs.com
4 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
1 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
9 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com
68 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 1rx.io
sync.1rx.io
2 KB
2 adform.net
c1.adform.net
1 KB
2 3lift.com
eb2.3lift.com
954 B
2 360yield.com
match.360yield.com
788 B
2 lijit.com
ap.lijit.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
4 KB
2 googletagservices.com
www.googletagservices.com
88 KB
2 googleadservices.com
partner.googleadservices.com
861 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
34 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 94822
11 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
57 KB
1 teads.tv
sync.teads.tv
172 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
574 B
1 travelaudience.com
ads.travelaudience.com
553 B
1 ctnsnet.com
gcm.ctnsnet.com
609 B
1 mathtag.com
sync.mathtag.com
862 B
1 everesttech.net
sync-tm.everesttech.net
177 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 748
6 KB
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 480
30 KB
1 re-news.tw
storage.re-news.tw
223 B
353 46
Domain Requested by
40 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
ad.holmesmind.com
28 t.ssp.hinet.net reurl.cc
cdn.holmesmind.com
t.ssp.hinet.net
23 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
22 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
pagead2.googlesyndication.com
18 ad2.apx.appier.net 9 redirects reurl.cc
15 img.scupio.com reurl.cc
img.scupio.com
12 bidder.criteo.com static.criteo.net
img.scupio.com
10 sync.aralego.com 5 redirects img.scupio.com
ads.aralego.com
reurl.cc
9 s0.2mdn.net reurl.cc
s0.2mdn.net
9 gocm.c.appier.net 9 redirects
8 gum.criteo.com 4 redirects static.criteo.net
8 db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
cdn.holmesmind.com
8 static.criteo.net cdn.holmesmind.com
img.scupio.com
static.criteo.net
7 prebid.scupio.com cdn.holmesmind.com
img.scupio.com
7 prebid-asia.creativecdn.com cdn.holmesmind.com
img.scupio.com
7 ad.holmesmind.com cdn.holmesmind.com
img.scupio.com
7 www.google.com reurl.cc
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
6 cdn.aralego.net reurl.cc
ads.aralego.com
6 mug.criteo.com reurl.cc
6 c.holmesmind.com 1 redirects cdn.holmesmind.com
reurl.cc
img.scupio.com
6 reurl.cc 1 redirects reurl.cc
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
reurl.cc
5 fp.holmesmind.com cdn.holmesmind.com
5 adcdn.holmesmind.com cdn.holmesmind.com
4 ad4m.at as.ad4m.at
ad4m.at
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 ads.aralego.com 2 redirects ads.aralego.com
4 ccm.holmesmind.com reurl.cc
cdn.holmesmind.com
4 match.adsrvr.org img.scupio.com
reurl.cc
googleads.g.doubleclick.net
4 eus.rubiconproject.com reurl.cc
eus.rubiconproject.com
4 bw.scupio.com img.scupio.com
ajax.googleapis.com
4 www.facebook.com reurl.cc
img.scupio.com
3 www.google-analytics.com reurl.cc
www.google-analytics.com
2 assets.ad4m.at as.ad4m.at
2 fonts.gstatic.com fonts.googleapis.com
2 googleads4.g.doubleclick.net reurl.cc
2 sync.1rx.io 2 redirects
2 c1.adform.net 2 redirects
2 eb2.3lift.com 2 redirects
2 match.360yield.com 2 redirects
2 ap.lijit.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 token.rubiconproject.com eus.rubiconproject.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 rec.scupio.com img.scupio.com
2 m.holmesmind.com cdn.holmesmind.com
2 hb.aralego.com img.scupio.com
2 ajax.googleapis.com img.scupio.com
2 connect.facebook.net reurl.cc
connect.facebook.net
2 ad.sitemaji.com reurl.cc
ad.sitemaji.com
2 cdn.jsdelivr.net reurl.cc
1 fonts.googleapis.com s0.2mdn.net
1 static-de.ad4mat.net as.ad4m.at
1 sync.teads.tv googleads.g.doubleclick.net
1 ups.analytics.yahoo.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync.mathtag.com 1 redirects
1 sync-tm.everesttech.net googleads.g.doubleclick.net
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 prod-rtb.ad4mat.net reurl.cc
1 b7512aae327f6d33ffaec59ae189f03c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c71de566b756a18b0a03ddf72d0ed323.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel-apac.rubiconproject.com eus.rubiconproject.com
1 geo.yahoo.com reurl.cc
1 ads.yap.yahoo.com s.yimg.com
1 www.google.de reurl.cc
1 static.xx.fbcdn.net www.facebook.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 stats.g.doubleclick.net www.google-analytics.com
1 s.yimg.com ad.sitemaji.com
1 storage.re-news.tw reurl.cc
0 ad.doubleclick.net Failed as.ad4m.at
353 84

This site contains links to these domains.

Domain
youtils.cc
stockinfo.tw
Subject | Issuer | Validity | Valid
reurl.cc | R3 | 2022-07-24 - 2022-10-22 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-21 - 2023-04-22 | a year
*.ssp.hinet.net | | 2021-10-12 - 2022-10-12 | a year
feebee.com.tw | R3 | 2022-08-23 - 2022-11-21 | 3 months
*.scupio.com | Sectigo RSA Organization Validation Secure Server CA | 2021-10-13 - 2022-11-13 | a year
*.holmesmind.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-19 - 2023-06-20 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-28 - 2022-09-26 | 3 months
storage.re-news.tw | GTS CA 1D4 | 2022-08-26 - 2022-11-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-09-05 - 2022-10-26 | 2 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
www.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
www.google.de | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-01 - 2022-11-30 | 3 months
*.creativecdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-03-17 - 2023-04-12 | a year
m.yap.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-07-05 - 2022-12-28 | 6 months
yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-07-12 - 2023-01-04 | 6 months
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-08-27 - 2022-11-22 | 3 months
*.aralego.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-21 - 2022-11-20 | a year
*.t.ssp.hinet.net | | 2022-04-14 - 2023-04-14 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-17 - 2023-04-04 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-18 - 2023-05-18 | a year
*.googleadservices.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.google.de | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
prod-rtb.ad4mat.net | GTS CA 1D4 | 2022-08-16 - 2022-11-14 | 3 months
*.everesttech.net | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-02-03 - 2023-03-07 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
*.doubleclick.net | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
teads.tv | R3 | 2022-08-17 - 2022-11-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months

This page contains 60 frames:

Primary Page: https://reurl.cc/zZD6BDe
Frame ID: BBD836A9B9BBA39530C845A5BCA90464
Requests: 30 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 6FB55B837CFAEA4BC0859D6608C1A44A
Requests: 2 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: 2D0EC8CD19BEC84368973A260F4E4D9D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: FE8BA1E67E8246B85FC716C623613246
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 4D17DE153C62C766AF643219C7D06B6D
Requests: 23 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: BD628D1902C94026AE9FD3B4A2F63F7E
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: C16048ED4E837B44818A662AA99607B3
Requests: 20 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 9EBCBF0163B1CB84CD68D75751A4B5C4
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: EA689656E12430AEE6EAE8DB1F2E21B4
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 22E3128595A77A2E79DD60EC00D16E94
Requests: 16 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Frame ID: 0C16E61CC504101243421F2AD1439650
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Frame ID: 7D27DFF43897F3C5105588D923A2F34E
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Frame ID: 1DF37ED254D8342294B21134F9F54B90
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 6D34C720854D8B69A02C0623AE2CCE30
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 88864CA8E296640E83560C1FAE9E6A1E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 309A55881A4302829BEECA418E9D2EE1
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: B3021F110292DB1A315297B2B482B3F3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: CD6C30FD2B0EE1F7C020B862B5119171
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: FFCF96CF1AC430ABC8810901988FFA37
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 0BE384448035BB6B7248DDD50E893D65
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 32E23A274A63A507020AB6F58B69F90D
Requests: 19 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 28FD861CE1960CF25A3EE4503C0D6F87
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 748B6C2D0C3A8044D62AF66BCB2A7F4B
Requests: 19 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C25E43F01F01694EF7AB168ED4BFAB71
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 4D6EBF8BFD7F4A8B1984772ED31E0E95
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Frame ID: F29C8E69983FD35AD500AFABF79701FA
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Frame ID: 413242D8D0E3A02C40C354910E6DE6D1
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 859577072B42C59FEE5B778DF393C02C
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
Frame ID: 6708A7E0A83E96C3A3ACFAA00C6F0415
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: DB28435E070202629F480F2C63E43B62
Requests: 4 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: B052BD5DB6991ACADD6B40A760321D09
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
Frame ID: 448F915201C52D1307E5CF486B4FE063
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: CCEE00B7563806D338FE7090793D994C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 398624C72A3FC150BDFE318C9B92323D
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: D2A029BD9E73819D29F1C64C3685F4F7
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 413B60E01418F34743CEF52836191258
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 632CC52CD03DAF1E4A6997527E9996A4
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 398C89758FD45803F718684DAD8EC352
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 4E6A2ABB284BFA665339C13DE80DAFC2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Frame ID: 5FF6F18C8CD48F591F932945DA9D7460
Requests: 14 HTTP requests in this frame

Frame: https://c71de566b756a18b0a03ddf72d0ed323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: F59A29A78CCE6E346C8317D8D1A09A32
Requests: 1 HTTP requests in this frame

Frame: https://b7512aae327f6d33ffaec59ae189f03c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 05E17E18B7DD53DB1A84639FA4E3FE48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Frame ID: 53B9831C7944ADAA72492411A9E7D009
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXQv1OJ0i14Cks_YbuRCx52DT1jxTr_ve2Yyv61jg4Mf6JCe-L-0ECKDyOxf1XuSIat8OMlXaX8TDsPVUhhlfplRfkfn_ij3LTEF6PiT8Kf-Yj7FpPJG4B9xwbJ6SVbQ70OZZcHzJr2GbTimhM8DXs4mMWnOvnaaLF3zvWqglemtpPZIFg
Frame ID: 8C75422397061B1F1F2784E253691C0D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08BEA0A238543764188A017F86947092
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E46904D4904C92FD82CB8699F95EED4F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D34F809C90F3D189D7E128485A4BFAD2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA7BF87354A091276F87F5E96220050C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CsRsN-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKgBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDS3kmwJe-gcNPAzgfLDnKqBy6tPg9Df62iIpOLfASOeE4EjQCt3vrgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=XK-nd95oCKo&uach_m=[UACH]&cid=CAQSKQCsnQUxFQXchx8DRHEmLD5WFC96R9-OJ80jNBlo3RRDnU2hnVN1_9TcGAE
Frame ID: A9B634CC454DC5EF7F6B0F98719D68CA
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ka9v9hqn8mhkb8wwqwj53q0npnz4ez33tmkzchbjt74t1renbn6ngjw8wb5sf94e2387y2t63gcn97mg5mxrz20nwx2mcpw56386yc62jcxbfzsp9t9fw3880cb33m0m4g79yd3qpf8yhd2x5g33pkzjq0kj9mpcthw860anfb4d8eex70txt2nacnn4e2vc1mf7jgbzy80b5356gshws33fva3hbpc95pbt0jeq7yem716a5ds5w4cc2r86amjxq0qsz0ma0bhaa5dnh5nnczge41gs9p04g04bjghzsqtd9cbswgh28vx73wrxyevyhr0989dn8w07m04zxcxaaefa9fzjnpcnfw04bkk9bw5hzwere9ea7kx9hnek3efk7gva5n2q6s52aw16xynenmhgsrvtj28j0hvrng0cjh9ymmpn6cxj9pa2mj6g52xvpbd3y2b&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 5C6269DE05659E08D0E58FEFC46A0AD7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15946F806F2052EEB9937C7F8D4095A8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0A5B123FBB9FCFEF9ED7D1E8B07D0DDC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2415CD5BE7ADBD135BC59DC20A0223EE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Frame ID: BDA7B5BBFBB208A436BE361E10D8519C
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3CBCA0DB3BEDDC6A6D69CC2C436D7237
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E1C6642666DA75CA68377846417F8AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F68153DBA4BEDED4207BF218BD66CE52
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2BBD383C0FC8BD162F608FA3E3999BC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A857B1A53FE38BD0ABEAA36EA3145317
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=3e4cd23045649660e8580399bfe577bd%2F2774580295719989684&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1663557883062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k25xz2w9r2cd8tbwstfbbn0886qqzndwak0jk97p8gcm4qtmr95x38d2bw0emsthv4xmzd65tt5wv42vfd73w6gksbes81ht95vfpd7axbcwsq2cpyfmy08qy405b9wdrq0jc3gf9h75cjs1xrsts3dt05f5e1sxx8jz6zhaeh8wkm17xzk4pq84drd0r8g6h1483jq4fj4m4477pxzt7c5t6yaq7y9estqbhzm8qzj8v4w1xs8pmqsv0587daavk6frfyd4radsfcfcxk300zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Frame ID: E4B28FD1A62B6DA26529894A0B408E54
Requests: 5 HTTP requests in this frame

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 353
HTTPS: 88 %
IPv6: 41 %
Domains: 46
Subdomains: 84
IPs: 62
Countries: 10
Transfer: 2513 kB
Size: 6220 kB
Cookies: 29

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reurl.cc/zZD6BDe HTTP 301
    https://reurl.cc/zZD6BDe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 54
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=HgR6R_CJCE2cQw459uAnYw
Request Chain 55
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=X1vvvf7TATmdvxia9uAnYw
Request Chain 75
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Request Chain 76
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Osv72xQrD5SLDT429uAnYw
Request Chain 78
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=sV42KwVqDSqpO85p9uAnYw
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_gid=CAESEJtvIdeU2VC0_7c0yickZr0&google_cver=1
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_gid=CAESECS2OA2IT5WG5_bk3au9KqE&google_cver=1
Request Chain 166
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Request Chain 168
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Request Chain 170
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Request Chain 171
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Request Chain 182
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=oFfcEXxicjRNemRvaGdZZllxTmQ3dCtXNUFDNUN3YzgrYUh3elVyOGZKbmJqbnZWcm45a1JuUmJMU05zZkpaUDdRcDgrY2xtSHRkcnRBV0VLNFVPMXM2R2hsb3p2Nm1CT1VlaWdic3NIaHpTNWRENGxZVTlMYlZHUUZJZEJhdnVBbzQ3RVU2c0tuWnoxNElNZVdicVZFejQwd1VkUjNieG1tNk9CWE5uYkFZMld1T3BtOXN4TDFoVllaUUJsdzVDUUkwNUxCNld3bVBRc2JKWEtpVnpDVUtqU2crL0RVeVlDaWw3bXN4SFBQRjVQVUFKaU1oZVgwbVZjb3NUeHBuaEU1ME9RVEZKRVhGYkRsaytGV1RrdkNManQzVzFIdFUxNUtXRDZJZzFrTHRibFlNVT18&cppv=2
Request Chain 183
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Bq_EYHw3YkRaanRiTVZXRWJ1d3BSUWNvYTVPK1R4UE05L0sraUxaZzB6aDE0aDdoNTlpMVBwbHE0MVpJYWIzeHAvc2lsamg3S2xTeGdVbHZHV2MxMkdaUmlFajFNWEc1ckswV1E1aVcrWHNySmRLU1VrTjVjeXJIVVRXdzR0UFIvbkpITnV1OVUxR0tWVitsWElVRkgwQ1NOUWZlUnFtdGtwS2lHWmd2aXFxWm5IYlpRRjRyZ0QyRVcwYXA3cU9YRERoWjVxbVlUTStxdE9KL2M4eWpWNFBVRXdZNnVMQi90M05CU3dDV0RtVnZoelp0bE9BSGZMZ0Vhb2xuNklROXQ1bldjZzFKRlJ1Z2dOMzk4eHdJUDdYZEc1d2hZdVp2dkJCaWkwbUVJdXFDdnJZdz18&cppv=2
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMjA5MTkxMTI0Mzk5ODAyMzY%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
Request Chain 190
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 192
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CDA20220919112439980236 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/5859e14f-13ed-3c1f-b680-339ddb332fb5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-IvPu_LVE2oXiFVMWg4F.NiHCSeFP9PbljdFvb_w-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1FBMjAyMjA5MTkxMTI0MzkyMDMzMjc%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
Request Chain 195
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 197
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20220919112439203327 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/5859e14f-13ed-3c1f-b680-339ddb332fb5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-1uVVv6NE2oVQ8C3rBaNEagPM8qZ7s0Lye8JKJ1I-~A&redirect=
Request Chain 209
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 210
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 234
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=8b8BnHxwK0pWTjNWck5qdUxncnRNTTVCSUJLY1BUYmJMNXdISitxOU9rWTI1eThZaXVZYVVNaU9sUHFaeGhSc0o3RnE2WmtadWZJdEVsVFl0Vk1VWk1NYXlCd3FndzBsOHlTKzA1Z3cvWFZZaHNmQ2dSY0czdVhpTjVCN0h2SklpTmtaaTRueXpIOGszNmNSaVFyNEJPMTdleGZETG1kUnV5ZUk1NUZxRTkyY3lDQy8rK2Z4cEVnZmJSZFYxdXZ1RGVCa053cWpEZnB1L3czcnRWVFpLamZXSXpWbmR5eUFLdFhXZHc0UHpiLzZWOC9xa2d2NUhCQW5mZEMrQWdkYkVvdjdBaDRMU05uZjc1dk55bjlGMGhoL0pldlFhNUJhOFhYQ1RKTFVqQjhkcUVYdz18&cppv=2
Request Chain 236
  • https://sync.aralego.com/idSync HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 238
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IdUl9XxLeXdrdkxjSit0T1RVWmNwMzRwK3RGL0NEdTFDNUcveUtwSHFvUDR1a3M3aVNSZ2FJSytxN1h5Mk1pMVlZd1d0UnhYRjFhaVQxM3dSaWVSZ2dPV2lsNGpkRm5BbmZvbk8rVFdMaDZQOEkrbmh3Ujc4WFBNV1NpOFluWk82UW8rVFNGUHd4bWE4eVgvc1NMUkhsL2tjZWZxVVl6Rmk1VEFYOFExZENNK2FDU28yQjd3dGpNUHNnTnRPR0pIWkhhL0drelEyeUcxU1N0SWFVQXh0czJseTBmd2JITFJGRTVDdWJUZVAwQUEvaVR1Ni8yYUVuTnZnL3lYbTJuaVlnWTQwTUJGSzdDSGJYTDdSMTE4OHV0TmlTZ3l2alZvWmd4d3dVNFk0QkhjeS9wND18&cppv=2
Request Chain 240
  • https://sync.aralego.com/idSync HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1&C=1
Request Chain 282
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yyfg.sNf0Cei7cIQq0.y9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1&google_hm=2
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBjDZwxPREKkAXMpzfsSO2o&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBjDZwxPREKkAXMpzfsSO2o%26google_cver%3D1
Request Chain 284
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE2NjUxMDQ3MTI4MDQ5Mzc5NA%3D%3D
Request Chain 285
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEA5-Z4kUGe26wNQDYvvExU&google_cver=1&google_push=AZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEA5-Z4kUGe26wNQDYvvExU&google_cver=1&google_push=AZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 288
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzxqGYFziJSuh2gxxXZp04&google_cver=1&google_push=AZmPxg-D-aPCVS5wHpSGvEfJcoyKYVyeI0zpUolLQuiWn22pvOpLKB2CPK9-bGSocVx3-NGRb4_Y8QFu2cBLzxVxjg5tzk0CKq0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBzxqGYFziJSuh2gxxXZp04&google_push=AZmPxg-D-aPCVS5wHpSGvEfJcoyKYVyeI0zpUolLQuiWn22pvOpLKB2CPK9-bGSocVx3-NGRb4_Y8QFu2cBLzxVxjg5tzk0CKq0&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBzxqGYFziJSuh2gxxXZp04&google_hm=Yyfg-sNf0Cei7cIQq0-y9QAABGMAAAIB&google_nid=index&google_push=AZmPxg-D-aPCVS5wHpSGvEfJcoyKYVyeI0zpUolLQuiWn22pvOpLKB2CPK9-bGSocVx3-NGRb4_Y8QFu2cBLzxVxjg5tzk0CKq0
Request Chain 289
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEhmyfDh2Vhc20xdr-CwtQY&google_cver=1&google_push=AZmPxg8vU7pHPifzjDailgmmfDt1NMtFBNtcWxM1WPGjqKu13lV5F1hXm6yb21h2t2qgB6Cq-Gz9MACds2E8DOrYnNOE43bhHYY HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEhmyfDh2Vhc20xdr-CwtQY&google_cver=1&google_push=AZmPxg8vU7pHPifzjDailgmmfDt1NMtFBNtcWxM1WPGjqKu13lV5F1hXm6yb21h2t2qgB6Cq-Gz9MACds2E8DOrYnNOE43bhHYY&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8vU7pHPifzjDailgmmfDt1NMtFBNtcWxM1WPGjqKu13lV5F1hXm6yb21h2t2qgB6Cq-Gz9MACds2E8DOrYnNOE43bhHYY&google_hm=FVxMsGZHojLi3NCETzWtrtMw
Request Chain 290
  • https://match.360yield.com/match/ebda?google_gid=CAESEJyePJklUCfv1VGO7h83LtA&google_cver=1&google_push=AZmPxg_wQDecp-MUvejjQY--d3e53jdEcMP-AGlNKeGe4Mmzzlf9THZCQoTmRwI1P-UgALC9mUgMronJwX9hEM5uCVH26uBb8FI HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJyePJklUCfv1VGO7h83LtA&google_cver=1&google_push=AZmPxg_wQDecp-MUvejjQY--d3e53jdEcMP-AGlNKeGe4Mmzzlf9THZCQoTmRwI1P-UgALC9mUgMronJwX9hEM5uCVH26uBb8FI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=11uCioEvQIWU7rZ4MwCJVg&google_push=AZmPxg_wQDecp-MUvejjQY--d3e53jdEcMP-AGlNKeGe4Mmzzlf9THZCQoTmRwI1P-UgALC9mUgMronJwX9hEM5uCVH26uBb8FI
Request Chain 291
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMjzHMgja1-y1WKvCwzpGUs&google_cver=1&google_push=AZmPxg8E0DDTgR_sN3IRyt_Y6g3A2nyCxIS2xcfX7D9JW4TbpSI5dutrUoHwPlCitV3LkJyr6gBj19UCqZz8RcsoFUElgcGD6IY HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8E0DDTgR_sN3IRyt_Y6g3A2nyCxIS2xcfX7D9JW4TbpSI5dutrUoHwPlCitV3LkJyr6gBj19UCqZz8RcsoFUElgcGD6IY&google_gid=CAESEMjzHMgja1-y1WKvCwzpGUs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NTE2NDAzODA3NjEzMjM4ODA1OQ%3D%3D&google_push=AZmPxg8E0DDTgR_sN3IRyt_Y6g3A2nyCxIS2xcfX7D9JW4TbpSI5dutrUoHwPlCitV3LkJyr6gBj19UCqZz8RcsoFUElgcGD6IY
Request Chain 306
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECRTuIcDWIl6OmWBNIgbyh8&google_cver=1&google_push=AZmPxg8GEw4iR3E3E7E8N6X-RMUr7iXoVT89orzU-Zv4Mqs2HkoeqJ-_0ziJ0kaOv6qT3PLyBBCqL3sx3VSbvC6H7kc276kxR21V HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8GEw4iR3E3E7E8N6X-RMUr7iXoVT89orzU-Zv4Mqs2HkoeqJ-_0ziJ0kaOv6qT3PLyBBCqL3sx3VSbvC6H7kc276kxR21V
Request Chain 307
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFHHA_kJKhfzTSNZN7f2TRM&google_cver=1&google_push=AZmPxg_vE7RG4c2YwaXiO-dsi_2on9zOC_yENBLoR62JaQ7FKC4jHO88oFsvzIXswAnpqOHrHq1HuA--YS2ztHqA8ekTX_UTOGbR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg_vE7RG4c2YwaXiO-dsi_2on9zOC_yENBLoR62JaQ7FKC4jHO88oFsvzIXswAnpqOHrHq1HuA--YS2ztHqA8ekTX_UTOGbR&google_hm=xdl5z5cgQRi0Wm4pbfDMnxU
Request Chain 308
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMjuMRSs4gWO3PZljzXsxuA&google_cver=1&google_push=AZmPxg-nxB3TfpJUAtOTtwvagccaisOSLUabZXfMDIV-l17X7i-EdUgptd3FO1UsIIgC-1eUfFI-jxkUkkTLrItiVVDpViwo_BE3 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yheLl5u1SDezZvU5e0pSjQ2&google_push=AZmPxg-nxB3TfpJUAtOTtwvagccaisOSLUabZXfMDIV-l17X7i-EdUgptd3FO1UsIIgC-1eUfFI-jxkUkkTLrItiVVDpViwo_BE3
Request Chain 309
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECJTwoVq47xGNC-7UvBD27g&google_cver=1&google_push=AZmPxg8ayQg5xdW1MoCZdBA6zjc_6-oqfq5cuIJBM3BEiQJfqhyK27oqCPpiw7Crg8yMOv7YsgRSpjp0unDQEP21AFc6Tn5ktN1p HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECJTwoVq47xGNC-7UvBD27g&google_cver=1&google_push=AZmPxg8ayQg5xdW1MoCZdBA6zjc_6-oqfq5cuIJBM3BEiQJfqhyK27oqCPpiw7Crg8yMOv7YsgRSpjp0unDQEP21AFc6Tn5ktN1p HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIzODgyNjUwMjM3MjAzNDI5Mw&google_push=AZmPxg8ayQg5xdW1MoCZdBA6zjc_6-oqfq5cuIJBM3BEiQJfqhyK27oqCPpiw7Crg8yMOv7YsgRSpjp0unDQEP21AFc6Tn5ktN1p
Request Chain 310
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMy2nzq7YdDSfU7IfFgeIXM&google_cver=1&google_push=AZmPxg-ny2hGtfExShgR3hbQzg03Lttn_KUlBTQj8okyPVJsGqc8bNt58bgRM4hzKdogCLCd9bPHFC_2uCkmMBK_avw-nJBfCY5y HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-ny2hGtfExShgR3hbQzg03Lttn_KUlBTQj8okyPVJsGqc8bNt58bgRM4hzKdogCLCd9bPHFC_2uCkmMBK_avw-nJBfCY5y&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1663557882764 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1a2d9519-2b8e-4421-b3bd-5d4eb88090fe-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-ny2hGtfExShgR3hbQzg03Lttn_KUlBTQj8okyPVJsGqc8bNt58bgRM4hzKdogCLCd9bPHFC_2uCkmMBK_avw-nJBfCY5y%26google_hm%3DAxotlRkrjkQhs71dTriAkP4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-ny2hGtfExShgR3hbQzg03Lttn_KUlBTQj8okyPVJsGqc8bNt58bgRM4hzKdogCLCd9bPHFC_2uCkmMBK_avw-nJBfCY5y&google_hm=AxotlRkrjkQhs71dTriAkP4
Request Chain 311
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAHqzs6nkKZZNJQclrFwaaw&google_cver=1&google_push=AZmPxg-2tMOgmWtNs1L8cGZOxIF7lEQ5LJZFEcDpaDjAy-5Gecv5sb1gFxb5juDtA6xiI69dZFnClMWwdVTSAtsD_vjmYxigjLc9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03LkRpV3ZwRTJ1Rk9Td2VHVS4wU013bEU2bzZjQlMudn5B&google_push=AZmPxg-2tMOgmWtNs1L8cGZOxIF7lEQ5LJZFEcDpaDjAy-5Gecv5sb1gFxb5juDtA6xiI69dZFnClMWwdVTSAtsD_vjmYxigjLc9
Request Chain 353
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKOmxoX0n_oCFYuW_QcdP0AB-Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0

353 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Primary Request zZD6BDe
reurl.cc/
Redirect Chain
  • http://reurl.cc/zZD6BDe
  • https://reurl.cc/zZD6BDe
7 KB
3 KB
Document
General
Full URL
https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1b2b6bd8fc8cf708b5f416921b25314a0269b7f77c300944f437180b8358929e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:24:36 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 19 Sep 2022 03:24:35 GMT
Location
https://reurl.cc/zZD6BDe
Server
nginx/1.18.0 (Ubuntu)

bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/
152 KB
23 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
8999610
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23235
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
x-served-by
cache-fra19136-FRA, cache-mxp6973-MXP
x-jsd-version-type
version
date
Mon, 19 Sep 2022 03:24:36 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

style.css
reurl.cc/stylesheets/rwd/
3 KB
1 KB
Stylesheet
General
Full URL
https://reurl.cc/stylesheets/rwd/style.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e54e601faee15c866fc80659f34bf9b78048d72901b77795bb0109d4fdabccf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/zZD6BDe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 09:47:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62e109b2-dae"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 19 Sep 2023 03:24:36 GMT

pixel.js
reurl.cc/javascripts/
470 B
559 B
Script
General
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/zZD6BDe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-1d6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 19 Sep 2023 03:24:36 GMT

utag.js
t.ssp.hinet.net/
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:37 GMT

vue.min.js
cdn.jsdelivr.net/npm/vue@2.6.11/dist/
91 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.6.11/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7180503
x-jsd-version
2.6.11
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34098
etag
W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo"
x-served-by
cache-fra19141-FRA, cache-mxp6973-MXP
x-jsd-version-type
version
date
Mon, 19 Sep 2022 03:24:36 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

renews.js
reurl.cc/javascripts/
698 B
561 B
Script
General
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/zZD6BDe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 00:38:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62731c89-2ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 19 Sep 2023 03:24:36 GMT

ysm_reurl.js
ad.sitemaji.com/
17 KB
6 KB
Script
General
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 16:34:56 GMT
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:55:05 GMT
server
nginx/1.12.1 (Ubuntu)
age
38980
etag
W/"5d0b49e9-4488"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Mon, 19 Sep 2022 16:34:56 GMT

ad.js
img.scupio.com/js/
76 KB
23 KB
Script
General
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:22:54 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 02:16:55 GMT
server
nginx/1.12.1
age
102
etag
W/"6327d117-12f95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
loWYjcE4EjIS6icwDLuFRNu8ajMV8dOmdsjtYpzn8hq_gfBz9kN95w==
expires
Mon, 19 Sep 2022 03:37:54 GMT

init.js
cdn.holmesmind.com/js/
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
43
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:54 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
FFVjRJhXex1nQh7qVIpuCzohfBfOp11YH5aYwNlC6hSHtUKAu_m7OA==

ga2.js
reurl.cc/javascripts/
618 B
588 B
Script
General
Full URL
https://reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/zZD6BDe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 12:16:16 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"623c6110-26a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 19 Sep 2023 03:24:36 GMT

fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
rkD+pL/hsb2UNh7vOEslCweOiNcUJUiS/VXsJJEgYhEcCrt/3HnSrbJq3Jr72eQZGqkWB2n9CjFXhfyNplSTaQ==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 03:24:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT

feeds
storage.re-news.tw/
21 B
223 B
XHR
General
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
via
1.1 google
etag
W/"15-/6VXivhc2MKdLfIkLcUE47K6aH0"
x-powered-by
Express
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
page.php
www.facebook.com/plugins/ Frame 6FB5
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6f0846f4a58ca151b3967e6e06b3f0c87ac30d0b4a346f9e7b0575000e9a5b6
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 19 Sep 2022 03:24:36 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Qx73JOD90KrrjaqCiqm2U4vi0udsZd8AlZGalqpETQmJr7kD/fXEiJvWopM/fcmZzR47LLPPYZXh0fIPWYtYZQ==
x-fb-rlafr
0
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1356
date
Mon, 19 Sep 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 05:02:00 GMT
reurl_passback.js
ad.sitemaji.com/native/ Frame 2D0E
15 KB
5 KB
Script
General
Full URL
https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:07:50 GMT
via
1.1 google
last-modified
Thu, 29 Aug 2019 10:21:02 GMT
server
nginx/1.12.1 (Ubuntu)
age
58606
etag
W/"5d67a70e-3bbe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5256
expires
Mon, 19 Sep 2022 11:07:50 GMT
collect
www.google-analytics.com/j/
4 B
142 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=698199639&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FzZD6BDe&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=441900526&gjid=289530949&cid=1123884882.1663557877&tid=UA-102456694-1&_gid=1075165339.1663557877&_r=1&_slc=1&z=105431600
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=698199639&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FzZD6BDe&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1123884882.1663557877&tid=UA-102456694-1&_gid=1075165339.1663557877&z=436447314
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 21:17:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22004
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/
25 KB
7 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
506daa5655732569fb03ad85945cd0206f408b698651cc7f08bbf80ebce5b536
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
pLD6TbdmBQ0HWl2BiHUlPEmvf9fILnTgdnJbNP8k2akgc61pBDCPXN+kwfJ4qGR5v4g4bdwD/sbmUSBSgl8Lug==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 03:24:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
native.js
s.yimg.com/dy/ads/ Frame 2D0E
78 KB
30 KB
Script
General
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
age
32
x-amz-server-side-encryption
AES256
x-amzn-internal-status
304
x-amz-request-id
02Q3JB0BEJ8ZRM20
x-amz-id-2
cnx88q+slPrhcxcEX23qUvoaees6rWm5XyQSbrp7+lfsAPoT/Snfjem9c849bRwZ4uedaUFp404=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 12:02:57 GMT
server
ATS
etag
"7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
vary
Origin, Accept-Encoding
cache-control
max-age=600
accept-ranges
bytes
capmapping.htm
cdn.holmesmind.com/js/ Frame FE8B
5 KB
5 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
23
content-length
4730
content-type
text/html
date
Mon, 19 Sep 2022 03:24:18 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-id
e41Dz8QuIgGCH3nWcqcnGVamziK6yQPJCKgWpVkdaLFW3oI6LfruvA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/
662 B
1013 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
21
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:25 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
TelRTKr4Os2w-xzIGQXF138xqfj0mBZKzNsClb3yYbuXbofTYeXzDA==
presetfn.js
cdn.holmesmind.com/js/ Frame 4D17
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
43
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:54 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
UGkFcCNKMOCnXpuPaoUgWiAxaAwwmaPVVj0cdxMoT5CuzeBhslO1Ng==
presetfn.js
cdn.holmesmind.com/js/ Frame BD62
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
43
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:54 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
UJSNAT7ELK0v4H0wsNQMqK_13CsfQOH1ZathyWo7Q5or8W5jAG5tRA==
presetfn.js
cdn.holmesmind.com/js/ Frame C160
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
43
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:54 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
kzEj7xH05pka0TfkzDjZ9Ke7e_CoSb1eYO6RC9H4dq1AMsVfMt3NOA==
collect
stats.g.doubleclick.net/j/
4 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=1123884882.1663557877&jid=441900526&gjid=289530949&_gid=1075165339.1663557877&_u=IEBAAEAAAAAAAC~&z=480832559
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 03:24:36 GMT
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm.php
fcm.holmesmind.com/ Frame 9EBC
39 B
191 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:24:36 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame FE8B
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:37 GMT
cm
c.holmesmind.com/ Frame FE8B
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Mon, 19 Sep 2022 03:24:36 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
17229.json
img.scupio.com/js/config/
461 B
866 B
XHR
General
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
e9f1ba6944eceb7d79bd7fac7faec722717283662f05646651fa70d53e7e3796

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 02:20:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
FRA56-C1
etag
"6327d1fb-1cd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
461
x-amz-cf-id
WSbx5weJpVd-3uQesWD39cHNyHMLjyRTBTsx4Lwjz71XUlu2ru2EXg==
expires
Mon, 19 Sep 2022 06:24:37 GMT
adreqlog.aspx
bw.scupio.com/adpinline/
0
711 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.18423842424552905
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 19 Sep 2022 03:24:37 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame EA68
83 KB
22 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
605
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:14:31 GMT
etag
W/"62fdf772-14d93"
expires
Wed, 19 Oct 2022 03:14:31 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-id
44OVkHnZqosoNi3f5sVft0d8WQkJPS2PHTdGndSUjAmBdbCXyk6hmA==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/
461 B
866 B
XHR
General
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
cc668c152b8285793e188115939ddfb34a31a9ac26fee8ffc3fb5e5071faeb1a

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 02:20:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
FRA56-C1
etag
"6327d1fb-1cd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
461
x-amz-cf-id
8snx7noGqlVw_aKHPozsqgIjiKeTdvN7A4iCx-nGnken_hU_5q-66A==
expires
Mon, 19 Sep 2022 06:24:37 GMT
adreqlog.aspx
bw.scupio.com/adpinline/
0
710 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.000158566293434248
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 19 Sep 2022 03:24:37 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame 22E3
83 KB
22 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
605
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:14:31 GMT
etag
W/"62fdf772-14d93"
expires
Wed, 19 Oct 2022 03:14:31 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-id
_e6JSphqbZ-bIdfUxjEZH2i_2qqVO7yaMHuQqU37pYkcS2IEoTckyA==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
N-Op9l-xrsJ.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ Frame 6FB5
20 KB
6 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/N-Op9l-xrsJ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cae37df926c3b02ce00b3ce0716e995af0595dd90f3f169137f6ccb49f93e44b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LKe/cZ9CSpuTPuqrNlPUnA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5213
x-fb-rlafr
0
x-fb-debug
DNdYxI/P55ju/N/MSRymx0HXQXSoIqL75KJitcdHJfChyj3BaXYXYBCS8kzvaOmxG1GwxNmNhjBPYWOPvsnaGg==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Sep 2023 15:17:08 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 4D17
756 B
682 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
0CVWadMdR8sHkW1x4h7uybtitQrGxvLey6W_Js_0p_7HTTpatIY-SA==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Preset.js
adcdn.holmesmind.com/adserver/ Frame BD62
575 B
634 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
y_Q-zy9WGiWEjGl4XE1oWol9wr7M8sMco6iI42-8iH9S3bUYeReVug==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Preset.js
adcdn.holmesmind.com/adserver/ Frame C160
760 B
684 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13848
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
_NX09R2TseivWb0eLS8TzLASmYbSO8O0Ub8ToLix441e8qghX22BVw==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame EA68
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 12:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 12:52:24 GMT
prebid.js
img.scupio.com/js/ Frame EA68
236 KB
83 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:22:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
age
240
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
-ig6MMBqFWB75SYzcPXTpcVwNLyuCjrlaHqFcxpywxYzyXrjfn6HbA==
expires
Wed, 19 Oct 2022 03:20:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 22E3
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 12:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 12:52:24 GMT
prebid.js
img.scupio.com/js/ Frame 22E3
236 KB
83 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:22:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
age
240
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
1S_71jw8R8z8wuWQwEzBPyDqYMVXfHF0ItJ9nT9IA1w93W5-NiCUfw==
expires
Wed, 19 Oct 2022 03:20:36 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=1123884882.1663557877&jid=441900526&_u=IEBAAEAAAAAAAC~&z=834259832
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=1123884882.1663557877&jid=441900526&_u=IEBAAEAAAAAAAC~&z=834259832
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 4D17
0
215 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=898&o=1&d=1&b=2&ts=1&ii=3&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 4D17
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
42
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
oCoos-4N72sWAw8mrayE3fjK0XjmSflxom0CxEwMqXer9NoKsilxyg==
publishertag.js
static.criteo.net/js/ld/ Frame 4D17
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b97c981ac3016bb12cb119a9efe3960eb57c8ec9d77892c1326c4766b86702a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-1e292"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:24:37 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 4D17
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
21
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:17 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
DpYoXZdJH-MImb-KB_Enw8CHgNVN0zInz1vB6_lsTEn533Dkh4lI7g==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 4D17
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
42
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
L_oKhtgczDldJWWXarspjonmBgOQTemCMGv0ZRCs5dPfcIEpWd-xTA==
appierV2.js
cdn.holmesmind.com/js/ Frame 4D17
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
21
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:16 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
0Xi4eZzYlko6H0pCW15dfDqYtt7n7r5gu9iAuocwBUVFYNlu0VkkHw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 4D17
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
42
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
LfTh4CR5aAYun3koyQ0WfJzou9IazSN7GrViiKtuO2U_NzBl-CV1hw==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4D17
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:37 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 4D17
0
279 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9538903523465079
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 19 Sep 2022 03:24:37 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 4D17
0
279 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4812811860479562
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 19 Sep 2022 03:24:37 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 4D17
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=HgR6R_CJCE2cQw459uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=HgR6R_CJCE2cQw459uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=HgR6R_CJCE2cQw459uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 4D17
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=X1vvvf7TATmdvxia9uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=X1vvvf7TATmdvxia9uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=X1vvvf7TATmdvxia9uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 2D0E
290 B
468 B
Script
General
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FzZD6BDe&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
media-router-flurry71.prod.media.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
strict-transport-security
max-age=31536000
b
geo.yahoo.com/ Frame 2D0E
43 B
446 B
Image
General
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:37 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-type
image/gif
content-length
43
cdb
bidder.criteo.com/ Frame 4D17
177 B
425 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=68522412676
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
93841e25812ee540b345d9b6cf175e5728480d03a8bdbe85d18683c43ba19c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
162
cdb
bidder.criteo.com/ Frame 4D17
177 B
424 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=98293100273
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3faf374da24a445e5f964940405260f379e51666b47b88c0e9df32a23c4a8f76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
162
landing.php
fp.holmesmind.com/ Frame 0C16
0
249 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:24:37 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 4D17
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:37 GMT
ads.js
ad.holmesmind.com/adserver/ Frame C160
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=302&o=1&d=1&b=2&ts=1&ii=3&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5316ebb83c8898408bf9448c5cc5879728c08cf5a6aba8673d35153ded6cde6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame C160
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
42
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
PJUkqpFFV1IJYo19m-0wYVPcFWsnvk7kPAj4SjTHDrniF-7jTsB3WA==
publishertag.js
static.criteo.net/js/ld/ Frame C160
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b97c981ac3016bb12cb119a9efe3960eb57c8ec9d77892c1326c4766b86702a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-1e292"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:24:37 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame C160
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
21
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:17 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
x5woFeX0VDHb0xOHsrAB2F-2PG1TgWYTOfpIa4IGKk7qq6_PAD7K8g==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame C160
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
42
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
XiTOiZ5ygtT6PrjMgaMgRF5I1-Ymqoh9tzFzY6Ps4mcUjGOOy3iHPA==
appierV2.js
cdn.holmesmind.com/js/ Frame C160
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
21
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:16 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
Rtdd7tnGZRpyrEtkvQJ9-MCNCzdP8bGoX63h_juVzFX8bdrpO_v49A==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame C160
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
42
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
v0qtls_r-NttFEJYThAOCIiBLW74bjbxpYHfxTsYIvIaB80NpTTk2A==
ads.js
ad.holmesmind.com/adserver/ Frame BD62
2 KB
1001 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=739&o=1&d=1&b=2&ts=1&ii=3&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ed5055669bc0753a7b915d3188c2d48db77ec067a62694a1ad8b41c5cf9d64a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame BD62
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
42
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
b7sgqgsx4blQMMlLYBeNOKKjZTgliZWQqLV3NQw6e7Sh7sHIsuy4OQ==
appierV2.js
cdn.holmesmind.com/js/ Frame BD62
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
21
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:16 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
_Y2H5w738SnnIKClPS0VvLZvTfvBuY-VHj8dbQHGsXWC75WZ3VuMaw==
events
bidder.criteo.com/csm/ Frame 4D17
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 4D17
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid.aspx
prebid.scupio.com/recweb/ Frame C160
0
159 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.12819202133876617
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame C160
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame C160
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Osv72xQrD5SLDT429uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Osv72xQrD5SLDT429uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Osv72xQrD5SLDT429uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame BD62
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:37 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame BD62
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=sV42KwVqDSqpO85p9uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=sV42KwVqDSqpO85p9uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=sV42KwVqDSqpO85p9uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame C160
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:37 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame C160
177 B
424 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=765341045
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bf6751464659d5ba2f1dd4ac622b311e11e922c6270213d3c91d1506f59cf389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
162
currency.json
img.scupio.com/js/config/ Frame EA68
106 B
484 B
XHR
General
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
3310846ebc03d76aa053db0d8133f785aa438b9443c42e78c222437ec026c6ed

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:23:22 GMT
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified
Sun, 18 Sep 2022 19:15:05 GMT
server
nginx/1.12.1
age
75
etag
"63276e39-6a"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
106
x-amz-cf-id
A81AcwrfesjaR__bcR_Hj7OekuYYu9-a2zAJWOiy8_AUJIk07WXBsg==
expires
Mon, 19 Sep 2022 06:23:22 GMT
prebid.aspx
prebid.scupio.com/recweb/ Frame EA68
0
44 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.21715621949324415
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame EA68
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Mon, 19 Sep 2022 03:24:37 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame EA68
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=3129668009
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid.json
ad.holmesmind.com/adserver/ Frame EA68
0
218 B
XHR
General
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1663557876893&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Mon, 19 Sep 2022 03:24:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
header
hb.aralego.com/ Frame EA68
0
176 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=0affe51a-349e-4b89-bc33-f1d8e21f0b08&u=https%3A%2F%2Freurl.cc%2FzZD6BDe&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=032a26fb-ef21-4119-83a0-7b48a7235711&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Mon, 19 Sep 2022 03:24:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
currency.json
img.scupio.com/js/config/ Frame 22E3
106 B
476 B
XHR
General
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
3310846ebc03d76aa053db0d8133f785aa438b9443c42e78c222437ec026c6ed

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:23:22 GMT
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified
Sun, 18 Sep 2022 19:15:05 GMT
server
nginx/1.12.1
age
75
etag
"63276e39-6a"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
106
x-amz-cf-id
u1BXSWB4yQzqBD0nxZGrKTB0aPIDqNHNiqfUb-lbgbiEl0hfXCa0rw==
expires
Mon, 19 Sep 2022 06:23:22 GMT
prebid.json
ad.holmesmind.com/adserver/ Frame 22E3
0
218 B
XHR
General
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1663557876904&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Mon, 19 Sep 2022 03:24:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
header
hb.aralego.com/ Frame 22E3
0
176 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=0affe51a-349e-4b89-bc33-f1d8e21f0b08&u=https%3A%2F%2Freurl.cc%2FzZD6BDe&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=40b32cdb-e20e-4395-8325-031353071fd9&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Mon, 19 Sep 2022 03:24:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 22E3
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Mon, 19 Sep 2022 03:24:37 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 22E3
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=7832403495
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid.aspx
prebid.scupio.com/recweb/ Frame 22E3
0
27 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.07293054706166613
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ Frame C160
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
t.ssp.hinet.net/ Frame FE8B
37 B
409 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
615de20454a4fb58af5b3e8571f75f79f9e261145a6e3f4ba7a540406fff3bbc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/
37 B
403 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
3ae37c87b4bf38458dde249a06e839caf3ce494372712f7e2fedb6740af96672
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
landing.php
fp.holmesmind.com/ Frame 7D27
0
82 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:24:37 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame C160
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:37 GMT
landing.php
fp.holmesmind.com/ Frame 1DF3
0
82 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:24:37 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame BD62
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:37 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FzZD6BDe&rl=&if=false&ts=1663557877584&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=28&fbp=fb.1.1663557877582.297329232&it=1663557876699&coo=false&exp=a1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 03:24:37 GMT
/
t.ssp.hinet.net/ Frame 4D17
37 B
402 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
519b41fb68c8b7364f0efb9aa68ef9142eafec648bb4f1086ed70d63967da279
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame FE8B
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=fdfbc8ee-2dfd-485e-bad9-30711cf73b8d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame C160
36 B
402 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
ea392a1485330db1b238fdbaffc24d74af06ac00d0df6b562ed358e80e88778b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 4D17
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
cm
t.ssp.hinet.net/
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/
0
80 B
Image
General
Full URL
https://db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/pixel?bd=db15abf2-3b93-4438-888f-d016bbd373dc&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 4D17
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&mp=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/ Frame 4D17
0
79 B
Image
General
Full URL
https://db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/pixel?bd=db15abf2-3b93-4438-888f-d016bbd373dc&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/ Frame C160
0
79 B
Image
General
Full URL
https://db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/pixel?bd=db15abf2-3b93-4438-888f-d016bbd373dc&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame C160
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&mp=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/ Frame BD62
0
79 B
Image
General
Full URL
https://db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/pixel?bd=db15abf2-3b93-4438-888f-d016bbd373dc&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame BD62
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&mp=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
drawV2.js
cdn.holmesmind.com/js/ Frame BD62
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=739&o=1&d=1&b=2&ts=1&ii=3&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
42
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:56 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
K6n_yjaMttzqd9EaNNRxcU4Dr9G7Y1UlWvwIsTe6mJL7uHDi2HwCEg==
drawV2.js
cdn.holmesmind.com/js/ Frame C160
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=302&o=1&d=1&b=2&ts=1&ii=3&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
42
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:56 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
2izgnyAw7xLniOosQMWlvW292vYJQVNA4bl-uVX5_4bkpxIL24FntQ==
adsbyscupio.js
img.scupio.com/js/ Frame 6D34
4 KB
2 KB
Script
General
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:45 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
age
293
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
_M48X9ERpq20xwZhYq9Je3yv4y12OMx9cWDjRkgHw-hJ6Cx-R3wkcA==
expires
Mon, 19 Sep 2022 06:19:45 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 22E3
2 KB
2 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.5437569614787248
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e8bf3291c3e5d4603aae9cbf79962a809b1b1f8baeaa8d2389588b4428cfca13

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 19 Sep 2022 03:24:38 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1476
adsbyscupio.js
img.scupio.com/js/ Frame 8886
4 KB
2 KB
Script
General
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:45 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
age
293
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
dzYD4mTAWurfg7V03-4ZaEpLf_t1bAqeFOMPdqmBx5U-iwC1YqnJTQ==
expires
Mon, 19 Sep 2022 06:19:45 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame EA68
2 KB
2 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7967459936527299
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6ccc91310289dd363aaef87acfff435c11e96603bf2b256bf709791da9868a8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 19 Sep 2022 03:24:39 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1478
truncated
/ Frame EA68
762 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22E3
762 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
970x250.jpg
img.scupio.com/img/padding/ Frame 6D34
46 KB
47 KB
Image
General
Full URL
https://img.scupio.com/img/padding/970x250.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
1219005b1ac715570be263a42b98d63280456e8fc7fcdfdf704536cfe5f9e9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:15:43 GMT
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
age
1094
etag
"607cf99c-b9b9"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
47545
x-amz-cf-id
jdKz4kiQWBORscB0a2n44ZuCZg46CyPboCJ4Gr3wr4vsyr6z1K8Buw==
expires
Tue, 19 Sep 2023 03:06:23 GMT
300x250.png
img.scupio.com/img/2011_gym/ Frame 8886
47 KB
48 KB
Image
General
Full URL
https://img.scupio.com/img/2011_gym/300x250.png
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:18:16 GMT
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
age
383
etag
"607cf99c-bcf6"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
48374
x-amz-cf-id
QXIb7g6V7B92JaCT86e-YoyGzhFNV8-VP3tlXcmxdMhW8NktIw8IsA==
expires
Tue, 19 Sep 2023 03:18:15 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame EA68
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:24:39 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 22E3
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:24:39 GMT
syncframe
gum.criteo.com/ Frame 309A
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:39 GMT
server
Kestrel
server-processing-duration-in-ticks
523010
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EA68
88 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:24:39 GMT
syncframe
gum.criteo.com/ Frame B302
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:38 GMT
server
Kestrel
server-processing-duration-in-ticks
452158
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 22E3
88 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:24:39 GMT
init.js
cdn.holmesmind.com/js/ Frame CD6C
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
46
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:54 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
wbOh4O06f8aoJH7BZ6lUHKLaBCG52rqwM2TFzvt9sPSw86d0_RsJdQ==
init.js
cdn.holmesmind.com/js/ Frame FFCF
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
46
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:54 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
DUQyPWU0pWpvF4ftUsD-vC9C8tddXM5ci0R0rpH9ERM-VTThV12Dpw==
capmapping.htm
cdn.holmesmind.com/js/ Frame 0BE3
5 KB
5 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26
content-length
4730
content-type
text/html
date
Mon, 19 Sep 2022 03:24:18 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-id
ehuW1bFsZBXZFynu5esfwJZQR936aUz0aD3_6pTlSnyRRmOnVo681w==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame CD6C
662 B
1002 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
24
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:25 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
d1gcECq1bMhaQhMQ6lRcVOLXLo9zqpDrqxnp-5DsAgM64ADsBnfi-w==
presetfn.js
cdn.holmesmind.com/js/ Frame 32E2
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
46
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:54 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
rAlL5YpatoYAtVaJRQpeCr8Aav4HSo5vnI4zDdAyugK3COUd0vVF_Q==
capmapping.htm
cdn.holmesmind.com/js/ Frame 28FD
5 KB
5 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26
content-length
4730
content-type
text/html
date
Mon, 19 Sep 2022 03:24:18 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-id
zpcUL3FTiWzCD9sZ6DunJeLrT5AHdru1i0Przw5Quwn-tOwzNujL_w==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame FFCF
662 B
1004 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
24
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:25 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
xp7GoSQUePn7OIF0LBgvWtBZkqSfzZ8xGtM2Vcq6eB4tvEvoKlAzOQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 748B
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
46
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:54 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
vvKuEVJMykDt0TMLCvINP05ZkzYUHIiI_3azwTlbZMqAccefIyjtYA==
cm.php
fcm.holmesmind.com/ Frame C25E
0
0

utag.js
t.ssp.hinet.net/ Frame 0BE3
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:39 GMT
cm
c.holmesmind.com/ Frame 0BE3
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 0BE3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_gid=CAESEJtvIdeU2VC0_7c0yickZr0&google_cver=1
0
474 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_gid=CAESEJtvIdeU2VC0_7c0yickZr0&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
x-guploader-uploadid
ADPycdtvrsbalx1uIOZGiyJCc1t7Uf9EG3E0eL8sOqYKGeo6GOyryKBO-sxIStycSZ0UCXx8YBDsYIgzdN3U4ZhKDFsBog
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1519198601160228
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Mon, 19 Sep 2022 04:24:39 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_gid=CAESEJtvIdeU2VC0_7c0yickZr0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 32E2
1 KB
745 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
qQnNwOVNhDP2PazSOxbijcVArK5wW2h4-Cfk0dWQbwkmpXjC7edEnA==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cm
c.holmesmind.com/ Frame 28FD
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame 4D6E
0
0

utag.js
t.ssp.hinet.net/ Frame 28FD
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:39 GMT
google
m.holmesmind.com/ml/ Frame 28FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_gid=CAESECS2OA2IT5WG5_bk3au9KqE&google_cver=1
0
139 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_gid=CAESECS2OA2IT5WG5_bk3au9KqE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
x-guploader-uploadid
ADPycduXnkVDpSlXE_-BQ0FmnEUk685O0DmqolvCoqV3zgWVF3D1lhQKHVhRUOxz0FhAAdl-DNWcIKzvHnncoFeD8YVGMw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1519198601160228
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Mon, 19 Sep 2022 04:24:39 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&uu_m=undefined&google_gid=CAESECS2OA2IT5WG5_bk3au9KqE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 748B
1 KB
745 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13849
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
XSL9_J3--frWR_o2zMHvsmt3UteNdYvVP6BdC77YdueSA4WQuMXpMA==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
/
t.ssp.hinet.net/ Frame 0BE3
36 B
409 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
ea392a1485330db1b238fdbaffc24d74af06ac00d0df6b562ed358e80e88778b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame 28FD
36 B
409 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
ea392a1485330db1b238fdbaffc24d74af06ac00d0df6b562ed358e80e88778b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
ads.js
ad.holmesmind.com/adserver/ Frame 32E2
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=854&o=1&d=1&b=2&ts=1&ii=2&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
efaff732bb8f08573410b7134a1f8b63b1f1ca2c37099820003a24caa12cd5df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 32E2
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
44
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
JHuybo_unfyWUhr7IzFwAAxOzWByKg_ccrs5Rt2tJVEWKMlavOLvbQ==
publishertag.js
static.criteo.net/js/ld/ Frame 32E2
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b97c981ac3016bb12cb119a9efe3960eb57c8ec9d77892c1326c4766b86702a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-1e292"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:24:39 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 32E2
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
23
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:17 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
xn0Zgp1g-f_DfVhh7LGJaYXU064o1AMRkbSxcypL_lgELUfou1lilg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 32E2
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
44
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
1NKpsVKYMVjslXbBRxas0wRZHIvX0d7wit_QZH-xsVvO0bRfPbGP1w==
appierV2.js
cdn.holmesmind.com/js/ Frame 32E2
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
23
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:16 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
oiRF4s7fP2mqidRSp73YzPvvFAWYc-BxLgmMJN34ilvaG2_H15xtMg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 32E2
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
44
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
529dB0dlEzk_v06Y9vy163nN5wE972UOR--ovSxwGndpZKEoWn1YwQ==
ads.js
ad.holmesmind.com/adserver/ Frame 748B
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=343&o=1&d=1&b=2&ts=1&ii=2&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
08c18e307310dad771a99a7cf258161f7e38f15dd3d7a97715e68553ee2eb4f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 748B
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
44
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
tGiU60EFGN5QKwB8tPlIxe2wHr0g0jKwG2EpG_dBnzwRXX-euc_WMw==
publishertag.js
static.criteo.net/js/ld/ Frame 748B
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b97c981ac3016bb12cb119a9efe3960eb57c8ec9d77892c1326c4766b86702a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-1e292"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:24:39 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 748B
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
23
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:17 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
5kdePvnn7WbXzZ41BIztTF7x-ftPi5FudmYO2fkQhDuRI3dUwY08SQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 748B
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
44
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
w1ypns64gA0U5HseOA7AP9PqhITpOODlO5e9SkMNJ_zQQTC4-5z8kQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 748B
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
23
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:24:16 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
oMpHYd0JpC2qltbRZdVgKEl-VkcDQ2QpRluqtaMRLkZ2yRUVj8iwoA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 748B
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
44
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:55 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
oQZNzVhxvG8FtvtmDrqh0Gy-bLyJ0uJMKZhA6zIW7WayvQr63DWVjw==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 32E2
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 32E2
0
27 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.3608325106963526
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 32E2
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 748B
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 32E2
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 748B
0
50 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.34461954485616975
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 748B
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 748B
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=SRMxSCkZDQ21d5q29uAnYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 32E2
177 B
425 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=8078074086
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ea4aaf72c27da5a05a63aa91de5a2d7ebb934a9183cfe7ee74b12d9f0b55810b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame 748B
177 B
425 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=46909446620
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0a6580919cd0122d14d3d23683140887ff716341194b9edb0ea527b80f944b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 19 Sep 2022 03:24:38 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163
events
bidder.criteo.com/csm/ Frame 32E2
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
emome2
t.ssp.hinet.net/ Frame 0BE3
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
events
bidder.criteo.com/csm/ Frame 748B
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
emome2
t.ssp.hinet.net/ Frame 28FD
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
landing.php
fp.holmesmind.com/ Frame F29C
0
37 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 32E2
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:40 GMT
landing.php
fp.holmesmind.com/ Frame 4132
0
37 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&CFFPCKUUID=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 748B
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 19 Sep 2022 03:34:40 GMT
sid
mug.criteo.com/ Frame B302
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=oFfcEXxicjRNemRvaGdZZllxTmQ3dCtXNUFDNUN3YzgrYUh3elVyOGZKbmJqbnZWcm45a1JuUmJMU05zZkpaUDdRcDgrY2xtSHRkcnRBV0VLNFVPMXM2R2hsb3p2Nm1CT1VlaWdic3NIaHpTNWRENGxZVTlMYlZHUUZJZE...
431 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=oFfcEXxicjRNemRvaGdZZllxTmQ3dCtXNUFDNUN3YzgrYUh3elVyOGZKbmJqbnZWcm45a1JuUmJMU05zZkpaUDdRcDgrY2xtSHRkcnRBV0VLNFVPMXM2R2hsb3p2Nm1CT1VlaWdic3NIaHpTNWRENGxZVTlMYlZHUUZJZEJhdnVBbzQ3RVU2c0tuWnoxNElNZVdicVZFejQwd1VkUjNieG1tNk9CWE5uYkFZMld1T3BtOXN4TDFoVllaUUJsdzVDUUkwNUxCNld3bVBRc2JKWEtpVnpDVUtqU2crL0RVeVlDaWw3bXN4SFBQRjVQVUFKaU1oZVgwbVZjb3NUeHBuaEU1ME9RVEZKRVhGYkRsaytGV1RrdkNManQzVzFIdFUxNUtXRDZJZzFrTHRibFlNVT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2f77649220a6738ca05b4a2c55dbd4b7ba6c2fa3582772b243e500c8786f8a64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2582254
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:39 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=oFfcEXxicjRNemRvaGdZZllxTmQ3dCtXNUFDNUN3YzgrYUh3elVyOGZKbmJqbnZWcm45a1JuUmJMU05zZkpaUDdRcDgrY2xtSHRkcnRBV0VLNFVPMXM2R2hsb3p2Nm1CT1VlaWdic3NIaHpTNWRENGxZVTlMYlZHUUZJZEJhdnVBbzQ3RVU2c0tuWnoxNElNZVdicVZFejQwd1VkUjNieG1tNk9CWE5uYkFZMld1T3BtOXN4TDFoVllaUUJsdzVDUUkwNUxCNld3bVBRc2JKWEtpVnpDVUtqU2crL0RVeVlDaWw3bXN4SFBQRjVQVUFKaU1oZVgwbVZjb3NUeHBuaEU1ME9RVEZKRVhGYkRsaytGV1RrdkNManQzVzFIdFUxNUtXRDZJZzFrTHRibFlNVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
283041
content-length
0
expires
0
sid
mug.criteo.com/ Frame 309A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Bq_EYHw3YkRaanRiTVZXRWJ1d3BSUWNvYTVPK1R4UE05L0sraUxaZzB6aDE0aDdoNTlpMVBwbHE0MVpJYWIzeHAvc2lsamg3S2xTeGdVbHZHV2MxMkdaUmlFajFNWEc1ckswV1E1aVcrWHNySmRLU1VrTjVjeXJIVVRXdz...
438 B
654 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Bq_EYHw3YkRaanRiTVZXRWJ1d3BSUWNvYTVPK1R4UE05L0sraUxaZzB6aDE0aDdoNTlpMVBwbHE0MVpJYWIzeHAvc2lsamg3S2xTeGdVbHZHV2MxMkdaUmlFajFNWEc1ckswV1E1aVcrWHNySmRLU1VrTjVjeXJIVVRXdzR0UFIvbkpITnV1OVUxR0tWVitsWElVRkgwQ1NOUWZlUnFtdGtwS2lHWmd2aXFxWm5IYlpRRjRyZ0QyRVcwYXA3cU9YRERoWjVxbVlUTStxdE9KL2M4eWpWNFBVRXdZNnVMQi90M05CU3dDV0RtVnZoelp0bE9BSGZMZ0Vhb2xuNklROXQ1bldjZzFKRlJ1Z2dOMzk4eHdJUDdYZEc1d2hZdVp2dkJCaWkwbUVJdXFDdnJZdz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
45278e68bfc82391f58be135cac22b7774ed02862b1621ab061f5f74ca0b2423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2550838
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:39 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=Bq_EYHw3YkRaanRiTVZXRWJ1d3BSUWNvYTVPK1R4UE05L0sraUxaZzB6aDE0aDdoNTlpMVBwbHE0MVpJYWIzeHAvc2lsamg3S2xTeGdVbHZHV2MxMkdaUmlFajFNWEc1ckswV1E1aVcrWHNySmRLU1VrTjVjeXJIVVRXdzR0UFIvbkpITnV1OVUxR0tWVitsWElVRkgwQ1NOUWZlUnFtdGtwS2lHWmd2aXFxWm5IYlpRRjRyZ0QyRVcwYXA3cU9YRERoWjVxbVlUTStxdE9KL2M4eWpWNFBVRXdZNnVMQi90M05CU3dDV0RtVnZoelp0bE9BSGZMZ0Vhb2xuNklROXQ1bldjZzFKRlJ1Z2dOMzk4eHdJUDdYZEc1d2hZdVp2dkJCaWkwbUVJdXFDdnJZdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
348614
content-length
0
expires
0
cm
t.ssp.hinet.net/ Frame 0BE3
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&mp=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/ Frame 0BE3
0
79 B
Image
General
Full URL
https://db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/pixel?bd=db15abf2-3b93-4438-888f-d016bbd373dc&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/ Frame 28FD
0
79 B
Image
General
Full URL
https://db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/pixel?bd=db15abf2-3b93-4438-888f-d016bbd373dc&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 28FD
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr&mp=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
ls.html
img.scupio.com/html/ Frame 8595
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2723
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 02:39:22 GMT
etag
W/"583295c9-4dc"
expires
Mon, 26 Sep 2022 02:39:17 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-id
HSKSFe-QbaS8d6m0FzlAfsoZDLpESVXJFCymb0XUxbY5q2k_-Qs-cQ==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 6708
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMjA5MTkxMTI0Mzk5ODAyMzY%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
0
551 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:24:40 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame DB28
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:24:40 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:24:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 6708
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1663557880053&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 03:24:40 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6708
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CDA20220919112439980236
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/5859e14f-13ed-3c1f-b680-339ddb332fb5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-IvPu_LVE2oXiFVMWg4F.NiHCSeFP9PbljdFvb_w-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 03:24:40 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
ls.html
img.scupio.com/html/ Frame B052
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-27.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2723
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 02:39:22 GMT
etag
W/"583295c9-4dc"
expires
Mon, 26 Sep 2022 02:39:17 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-id
H5205HoppH8I7nGf4dmG6_C4HE85krxRCTGUFxcV47N3Jf8469E5KQ==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 448F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1FBMjAyMjA5MTkxMTI0MzkyMDMzMjc%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
0
551 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:24:40 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHF-kdHr_bJWmANSM5xJS_k&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CCEE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:24:40 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:24:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 448F
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1663557880067&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 03:24:40 GMT
idsync
sync.aralego.com/ Frame 448F
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20220919112439203327
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/5859e14f-13ed-3c1f-b680-339ddb332fb5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-1uVVv6NE2oVQ8C3rBaNEagPM8qZ7s0Lye8JKJ1I-~A&redirect=
35 B
155 B
Image
General
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-1uVVv6NE2oVQ8C3rBaNEagPM8qZ7s0Lye8JKJ1I-~A&redirect=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

date
Mon, 19 Sep 2022 03:24:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-1uVVv6NE2oVQ8C3rBaNEagPM8qZ7s0Lye8JKJ1I-~A&redirect=
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
drawV2.js
cdn.holmesmind.com/js/ Frame 32E2
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=854&o=1&d=1&b=2&ts=1&ii=2&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
44
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:56 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
hvrbC9UBzVTOv6TvUfx-Scmp1A055gxDAt1k4Pt30Rbu-UQuF83gAg==
chtmp.php
ccm.holmesmind.com/ Frame CD6C
0
214 B
Image
General
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr%26SID%3D53865%26Tags%3D2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.52.250 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-52-250.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame CD6C
0
215 B
Image
General
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr%26SID%3D53864%26Tags%3D2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.52.250 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-52-250.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
drawV2.js
cdn.holmesmind.com/js/ Frame 748B
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FzZD6BDe&n=343&o=1&d=1&b=2&ts=1&ii=2&FPCK=6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
44
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 03:23:56 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
JPcm3wlBcHJBfw3SYY3MsGkKOi2Qirty-TQgvovi7huZ1vSmKKdaBw==
chtmp.php
ccm.holmesmind.com/ Frame FFCF
0
214 B
Image
General
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr%26SID%3D53865%26Tags%3D2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.52.250 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-52-250.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame FFCF
0
214 B
Image
General
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr%26SID%3D53864%26Tags%3D2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.52.250 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-52-250.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 19 Sep 2022 03:24:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame DB28
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:24:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32429
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 12:25:09 GMT
usync.js
eus.rubiconproject.com/ Frame CCEE
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:24:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32429
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 12:25:09 GMT
khaos.jpg
token.rubiconproject.com/ Frame DB28
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame CCEE
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame DB28
0
239 B
Image
General
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Content-Type
image/gif
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 3986
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
43 KB
43 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634ce6ebcae68cecdd5e4fe82fb7745884b9ee2dbe59a51bc08e1da360cd39c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5696
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43721
last-modified
Wed, 14 Sep 2022 07:16:38 GMT
server
cloudflare
etag
"63217fd6-aac9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yc4Id9q8yAQDOQt%2FmppyD6FXR2dmWhZcnsKmAW4VOe9jnzahl5mavt4lajBF%2FxvoT%2FyZDnoWJKZUa268%2F7VIi4B1yy%2FC9VK5ULT0VwsBLcGJyV65NatmpafeZCnbau1fTUqCXDXn1H8U0CwjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74cf35b5d911bafd-MXP

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame D2A0
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
43 KB
43 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634ce6ebcae68cecdd5e4fe82fb7745884b9ee2dbe59a51bc08e1da360cd39c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5696
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43721
last-modified
Wed, 14 Sep 2022 07:16:38 GMT
server
cloudflare
etag
"63217fd6-aac9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch2B51rd%2FNL30GR%2BcTkiF0zSLU%2BBx2R1AVdxijqH8thwm6fzGGq6o0jvt50epAjAm44cWnl5p30DrL%2F%2BDRkFMvordSjuiWHgkcPDh9fGdppgVpMHbwZcLVlxorxOS4QZ3W%2Fq16fNDUlgCga1kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74cf35b5d912bafd-MXP

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
cm
t.ssp.hinet.net/ Frame 32E2
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&mp=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/ Frame 32E2
0
79 B
Image
General
Full URL
https://db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/pixel?bd=db15abf2-3b93-4438-888f-d016bbd373dc&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/ Frame 748B
0
79 B
Image
General
Full URL
https://db15abf2-3b93-4438-888f-d016bbd373dc.t.ssp.hinet.net/pixel?bd=db15abf2-3b93-4438-888f-d016bbd373dc&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 748B
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC&mp=db15abf2-3b93-4438-888f-d016bbd373dc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:40 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D2A0
975 B
817 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Q%2BKc92JobdD0K5LRwT7%2Ft9ZN0v3eN8It0VRpUhlykLW9xtPQ1Z9C3VDuTWxiH4vA5n6Av%2FBRMxD2XG6bWzo3dVx6aOfYzJ7U0lLMQQcFt1L0mSo402PqL99EqgDeFRjwivOZ1QnSm%2Be%2Fkq2cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
74cf35b64f82bae8-MXP
cf-bgj
minify
idRequest
sync.aralego.com/ Frame D2A0
46 B
486 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7b4ef26f925908e55582bf808fd274d2f15f6ff4d93f4ee1c907a40491f8b2b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame D2A0
555 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FzZD6BDe&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4105746490708233&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
x-width
300
x-height
250
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource
PSA
x-sspid
5859e14f-13ed-3c1f-b680-339ddb332fb5
connection
close
access-control-allow-credentials
true
content-length
555
x-adstyle
banner
x-adtype
html
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 3986
975 B
784 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdZHcEv%2B1LuRuGtFa39r18MdgO4PH0KrQFuItJTPuAGY0NIxU%2BXR14ppM2yLKrR2cQKT0HyqAEfHLTj%2Bv4QNCFyOE5XzKQ%2FjySKeQuIDrBPlHAOmyGCH7XK95%2BjMutcCciZG1TrPl2LIiwCinQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
74cf35b64f83bae8-MXP
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 3986
46 B
486 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7b4ef26f925908e55582bf808fd274d2f15f6ff4d93f4ee1c907a40491f8b2b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame 3986
552 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FzZD6BDe&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9398385132721634&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
x-width
300
x-height
250
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource
PSA
x-sspid
5859e14f-13ed-3c1f-b680-339ddb332fb5
connection
close
access-control-allow-credentials
true
content-length
552
x-adstyle
banner
x-adtype
html
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 413B
714 B
773 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
1474
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74cf35b81847bae8-MXP
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:24:41 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHN41HbElc5LSNA5BWD6rLhqYFxRcjhvOAXIV1noSINNo%2BfK388D09bGb0yKLkrPiCXGJG1E4%2Foik0LkfhrrlhJv0zidFxyyIDUDGYsvTD%2BUK3fF31G7UesYDHNrNZmb0k7Jl3qeEUazY5bwlw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame D2A0
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
connection
close
content-length
35
content-type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 632C
714 B
775 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
1474
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74cf35b8485bbae8-MXP
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:24:41 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuLkBRel77xD8uYwgKVgErYSjdgsvtvnxaXN80EuRSGFH8vUYjKtQuCqlBLEol67BQs0KuRIS%2BIqJkcWy5TIittNIuWBr%2F4ELprH6gWfwLkhm0pLewy%2BR755uEFFfy4IrOHokIgysEbN3NThYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 3986
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
connection
close
content-length
35
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 413B
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
82a67dae51abad2836db7ff977cc143dec0e7ff3c263ba76188195677862a5f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27863
x-xss-protection
0
server
sffe
etag
"1338 / 64 of 1000 / last-modified: 1663366039"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 03:24:41 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 398C
119 KB
40 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e58e00d2027b40ef0f0c185bf848707abc4fee1917bb3b6aa4bd6f9b1ec7fb5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40760
x-xss-protection
0
server
cafe
etag
18297166583639963507
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 03:24:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 632C
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a591a418c058b4516b83097ab3d4b1e839e25daca61659022cc96a693953b2ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27742
x-xss-protection
0
server
sffe
etag
"1338 / 673 of 1000 / last-modified: 1663366203"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 03:24:41 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4E6A
119 KB
40 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
889b8a7b422d2707b1073952eb1d7f88807476e6179345087010790f92e8f98c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40760
x-xss-protection
0
server
cafe
etag
7078048198572264195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 03:24:41 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 398C
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
085d237267eb5a0678e9176b3d17e31d3ebd36ebbec8dc0ea8ab3515ea68e4ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124739
x-xss-protection
0
server
cafe
etag
1891478672670948354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 03:24:41 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ Frame 413B
376 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Sep 2023 19:57:17 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 4E6A
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
09ad5608bc9cac00f0e3ab4d3a890315bfffbfb4a6e9186dd3ea8eadd14a1985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124739
x-xss-protection
0
server
cafe
etag
3295160821262730233
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 03:24:41 GMT
pubads_impl_2022091401.js
securepubads.g.doubleclick.net/gpt/ Frame 632C
376 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 17:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 08:37:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Sep 2023 17:50:19 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
243456
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 22E3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=8b8BnHxwK0pWTjNWck5qdUxncnRNTTVCSUJLY1BUYmJMNXdISitxOU9rWTI1eThZaXVZYVVNaU9sUHFaeGhSc0o3RnE2WmtadWZJdEVsVFl0Vk1VWk1NYXlCd3FndzBsOHlTKzA1Z3cvWFZZaHNmQ2dSY0czdVhpTjVCN0...
431 B
698 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=8b8BnHxwK0pWTjNWck5qdUxncnRNTTVCSUJLY1BUYmJMNXdISitxOU9rWTI1eThZaXVZYVVNaU9sUHFaeGhSc0o3RnE2WmtadWZJdEVsVFl0Vk1VWk1NYXlCd3FndzBsOHlTKzA1Z3cvWFZZaHNmQ2dSY0czdVhpTjVCN0h2SklpTmtaaTRueXpIOGszNmNSaVFyNEJPMTdleGZETG1kUnV5ZUk1NUZxRTkyY3lDQy8rK2Z4cEVnZmJSZFYxdXZ1RGVCa053cWpEZnB1L3czcnRWVFpLamZXSXpWbmR5eUFLdFhXZHc0UHpiLzZWOC9xa2d2NUhCQW5mZEMrQWdkYkVvdjdBaDRMU05uZjc1dk55bjlGMGhoL0pldlFhNUJhOFhYQ1RKTFVqQjhkcUVYdz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fcbb2a052fc1abe31e4daa8ebd51a5ddfc44c06b817020f8d19a79f69a059d3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1584579
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=8b8BnHxwK0pWTjNWck5qdUxncnRNTTVCSUJLY1BUYmJMNXdISitxOU9rWTI1eThZaXVZYVVNaU9sUHFaeGhSc0o3RnE2WmtadWZJdEVsVFl0Vk1VWk1NYXlCd3FndzBsOHlTKzA1Z3cvWFZZaHNmQ2dSY0czdVhpTjVCN0h2SklpTmtaaTRueXpIOGszNmNSaVFyNEJPMTdleGZETG1kUnV5ZUk1NUZxRTkyY3lDQy8rK2Z4cEVnZmJSZFYxdXZ1RGVCa053cWpEZnB1L3czcnRWVFpLamZXSXpWbmR5eUFLdFhXZHc0UHpiLzZWOC9xa2d2NUhCQW5mZEMrQWdkYkVvdjdBaDRMU05uZjc1dk55bjlGMGhoL0pldlFhNUJhOFhYQ1RKTFVqQjhkcUVYdz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
320622
content-length
0
expires
0
cm
c.holmesmind.com/ Frame 22E3
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame 22E3
Redirect Chain
  • https://sync.aralego.com/idSync
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 03:24:42 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 03:24:41 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
263242
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame EA68
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=IdUl9XxLeXdrdkxjSit0T1RVWmNwMzRwK3RGL0NEdTFDNUcveUtwSHFvUDR1a3M3aVNSZ2FJSytxN1h5Mk1pMVlZd1d0UnhYRjFhaVQxM3dSaWVSZ2dPV2lsNGpkRm5BbmZvbk8rVFdMaDZQOEkrbmh3Ujc4WFBNV1NpOF...
418 B
694 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=IdUl9XxLeXdrdkxjSit0T1RVWmNwMzRwK3RGL0NEdTFDNUcveUtwSHFvUDR1a3M3aVNSZ2FJSytxN1h5Mk1pMVlZd1d0UnhYRjFhaVQxM3dSaWVSZ2dPV2lsNGpkRm5BbmZvbk8rVFdMaDZQOEkrbmh3Ujc4WFBNV1NpOFluWk82UW8rVFNGUHd4bWE4eVgvc1NMUkhsL2tjZWZxVVl6Rmk1VEFYOFExZENNK2FDU28yQjd3dGpNUHNnTnRPR0pIWkhhL0drelEyeUcxU1N0SWFVQXh0czJseTBmd2JITFJGRTVDdWJUZVAwQUEvaVR1Ni8yYUVuTnZnL3lYbTJuaVlnWTQwTUJGSzdDSGJYTDdSMTE4OHV0TmlTZ3l2alZvWmd4d3dVNFk0QkhjeS9wND18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
20c67fa1aa370f2532349bab728b2531c976ab07ef15d1355bce4f9b51c65ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1522439
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:41 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=IdUl9XxLeXdrdkxjSit0T1RVWmNwMzRwK3RGL0NEdTFDNUcveUtwSHFvUDR1a3M3aVNSZ2FJSytxN1h5Mk1pMVlZd1d0UnhYRjFhaVQxM3dSaWVSZ2dPV2lsNGpkRm5BbmZvbk8rVFdMaDZQOEkrbmh3Ujc4WFBNV1NpOFluWk82UW8rVFNGUHd4bWE4eVgvc1NMUkhsL2tjZWZxVVl6Rmk1VEFYOFExZENNK2FDU28yQjd3dGpNUHNnTnRPR0pIWkhhL0drelEyeUcxU1N0SWFVQXh0czJseTBmd2JITFJGRTVDdWJUZVAwQUEvaVR1Ni8yYUVuTnZnL3lYbTJuaVlnWTQwTUJGSzdDSGJYTDdSMTE4OHV0TmlTZ3l2alZvWmd4d3dVNFk0QkhjeS9wND18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
280116
content-length
0
expires
0
cm
c.holmesmind.com/ Frame EA68
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:41 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame EA68
Redirect Chain
  • https://sync.aralego.com/idSync
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 03:24:42 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ Frame 4E6A
212 B
641 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
45ae88e8a32117e0cfbbf124a5117886bc27e7a63c87e55d151f71f2c53026a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 4E6A
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4E6A
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5FF6
17 KB
9 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ee882b4d4471e9e36fa56ddd260669a7f064813b25a3b2f0eed53fd68a1f7b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9108
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 413B
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 413B
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 413B
492 B
262 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4222947626913200&correlator=2437154652294477&eid=31069634%2C44761478&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1663557882126&lmt=1644386353&dlt=1663557881637&idt=468&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=10mkycexvhad&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1278622030.1663557882&ga_sid=1663557882&ga_hid=1942668450&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
10dd86dd0e9ce82cd907e544789adfb37f0efef37ee94813504a2f21b058896b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c71de566b756a18b0a03ddf72d0ed323.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F59A
6 KB
3 KB
Document
General
Full URL
https://c71de566b756a18b0a03ddf72d0ed323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
Tue, 19 Sep 2023 03:24:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 632C
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 632C
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 632C
491 B
261 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3137102832055925&correlator=4487338970930044&eid=31068501%2C31068928%2C31069473%2C31069627%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1663557882165&lmt=1644386353&dlt=1663557881662&idt=482&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=u6lik9ebq1x&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1716353328.1663557882&ga_sid=1663557882&ga_hid=1323031973&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2055a98b3dac4e38fb50e6adbb9d3d0a5ebcfb1a4992e776adc731d05a9020fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b7512aae327f6d33ffaec59ae189f03c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 05E1
6 KB
4 KB
Document
General
Full URL
https://b7512aae327f6d33ffaec59ae189f03c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
Tue, 19 Sep 2023 03:24:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 398C
212 B
220 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
cf30e63ba200a12f0239e1f4a10ffbbdb3dc62362879c6b16fe8db195977c1b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 398C
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 398C
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 53B9
31 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
015e49bcb9b45171a4e903434b6a53ea927a544c0ce76833bdb318ef28c15c0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12432
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 632C
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3483ffffca1df7a444dff409c9d105a03c824eb8dceb92302446163fb5220e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11277
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 413B
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
7e650106d0d3f9b36ac4bbdb0e859e29a9c50484a74326c554055eecd2d603f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11146
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 413B
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 03:24:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 632C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 03:24:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FF6
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXFvA4IPlbaP5AeIwpRJcbo5uv0zNivzdRP_tvXttGxzlDHMToz9HXOEFj9MvPX2bMOKCQ4pBpV6puq_F3LMbGJUQhdwysjQCu5MYCldeLzKykAMM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 5FF6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 02:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 02:20:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 5FF6
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 02:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1772
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 02:55:10 GMT
l
www.google.com/ads/measurement/ Frame 5FF6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwaaFGJN9Vjay42LfVLiTLn94h6UEG6nvt7ClbM5EjDqq3b9Wd-QK4ZVM0Fj8fJkqsIoshsqEv31EfGuxL5xycxOt3SA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FF6
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 03:24:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8C75
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXQv1OJ0i14Cks_YbuRCx52DT1jxTr_ve2Yyv61jg4Mf6JCe-L-0ECKDyOxf1XuSIat8OMlXaX8TDsPVUhhlfplRfkfn_ij3LTEF6PiT8Kf-Yj7FpPJG4B9xwbJ6SVbQ70OZZcHzJr2GbTimhM8DXs4mMWnOvnaaLF3zvWqglemtpPZIFg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5FF6
79 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbfT1BOQk2YNQlrbspwDEMjOYjs0G80PpCtFM4UQ2jpfpzCo_iwdzH9CeoNV9CyNXGjDRRrXuZHmPtWOf_MJc2nhFYxA&cry=1&dbm_d=AKAmf-AYPL-1hLMv9J7UdEf8jErWASvZtrshqmg58YZc-3O0zNbjrO0frJNg4_32GNjr1R-TSRO_jL5_llkKGFER3_Ot3gvVKUQ7kKdayKNF_-plPIt8jqr_Gez65OO1wwzNz2fHcgnTFixevi5TT7C492Q7qssC6kdLfLhiSTrSAd6sUQJQOmXkvk47qmkIP6gnNU5GRgh7_gAn0pxygJFg1bjY6aqkVSyZxS7bR8xH4BF_XXBV-CfPsPU_qy5VDN-vUP1UXNHD3Z5g1dLUxWe-AZo9DQOvM-LXPjdFONJthsvRZrfpWtK0oga2kUCJtBHnPe-V7MpaewdFdN_VPu428RtA-FOpMcZJjPtHVe7lr8XU0rCVmgSLWQCnLEcLvVxaWmMcqkJr_IX-bkuAPp5m8SOWk-uwpTUwr_cDcWk6G8SHHfKuhAx38nTjT0HnEo7nQwT-jpRfp7nQWcKhiXBZ3Y6cl4gap86sHczIhBg17uzC8cmEtsUJDV6uQpV4hOFF2PgKU3d_5NDKR2VD7LCkiMKwDOfvps8h7knI2Kpkb4PTnJmoDIdrztqJWo3AB7tdZbMI8BU-XK9ts7NKMuH2_7Ryr3UWPRYHDEIYcQz9nrjGWVK-D54NEbTf0SQIjOZCY5014byvupfa0NVeLO0Nx48pCzM1ntKbDrHExJPi_DmpjuzgrRz6RBXWCQ2NR-F1fzjb49G8bgkR6L16cAPQU1s1H34gQgz-QLcH21trlMYXiB4Gjhei18nZOeVhp7j5S8HK6ztN_3mMmHsehI_-Bd6oTLgRTOl49AhC3wHQmnIRYlauz4FLNs8bi0eBlJ4eWGBFb1tAisBidTRG3GaY_9nJ9ND9Fyq5QnAiw8J2Hy-13R0pKWL--ljtmxL6fMNwmB0ySuCGMxmo47qLzl_TCEMcKndFQXiC-91Fpj1ic_71SapN8gG5b7sbztEi3tuo0NAUoJHakaqEeCcj2jmp2_wJ6tkn_hIVvkhzOSjBpxi5KTUFHZy0cHfdXWqVPeAUiZ38pd0YsICw2OioL5PAlYfji84wxyg9oXPqLmhS1f8hL4aZm2LW8pZVg6koybDl7CYPoKStyu5FbpM37G2hIfyiMzAW56jSq0Dr7HNvZHqdmJu_ctOgQpvn7J0NhnqhihOdz9z7HKrz29L9LFMgVNrKcqwWJ0qW6KlWLoxllEcHJA4qsZ7XnAdHruZ49Z4ZjhfwpwmzGGoL6i8uCOkoqShfFvM0ERDGD0P8GVHvCQzo9mJfu6ZrHH7bP9BgdbhyNrhfgXGOgWi3wOE2yBEw74fKueUSRhGO5cYm5lJfNzCIGSKycFEHCLWOAAzsMUPupR3JJcb78Z86-de-_Xu9yxqH5ajzojiLDPfM32IEVsLjzKlQNxxA0t2kjvgEMnlkbRNcfSaSfTZiFSPGOPWk_4glv0rNczF-Wqy9GffeVGAC1FvxCJBjNQoA9BamfQMmWDgtAuNZAjNviE_S8HE-sMx2cqWV9l00r3C65mXy2pVJRru6tyeIKBjoZQhTwmmXEr7N87E9nFGg1pDFjcW9rbEWIr8YuJyAMsIY4zMDMIY30Vw_0ftqp60xkoaUrEoPLGEpkpHKD9cSmGhH1aqtEN_Y8gItDwFjKUHg44xLIjj_d2YP8bjMw1w40Ayc9XPEopiMzEwgUTYL587r-fL2ITemVN9JUq3kNlKgfbcWhsFFBE-TfnLp_M2h4u4nizgRhmT1PhXYlJ_6_uVvGdcGMNwMmy2w3YW0Y_Y9ToP936rYUJgJDProJa7Dul4xIsaLXdpfHqcye-UYujjBAwnZwx2ylSRqLlr-O9SjlC1iSbGE
VsKYO9Y-jvWe_S-7whnv3jbWJnF5TRvv_GRJX0lsgxJ_UGvxaZu7J4o_jEpXnSbTdplL6TboO9E4oE2gI6n0VJBesQ9MDUE8ILvaDi3QK13xobEBeAyc4FE3A-USsA50KKDZ0OYJOv1bpVLb5hvUQK0zOgVSU6I8JnmVAmLMHb47Soqcj8JaUzLaKGK7LGRHzL6C7oKvDonUNQJEdMChoYlHoCW3kGb2FZ-ElnBlFjcSTbMSYT-zWs3KHgl7uZ7STkb-l0M9Kwifb0NwxssDz93F0Nk3-aIXnZLftUoshpjQGqHxX6G1VfWSlymWg4YHE7gey0V9k-jert311fFpUM6E2Tb_1U7SZRhyup1sZJ90tdxyRpkut5Pk0FA00fO3YiVKoAME8jmHqsO3EvqOI74DF-JpMmDqOlL2FCBYQAQkZnqquacIG8brnCZoZBU_EPSRo6TSgx5Sl86tNZHVBVThlYIY-KeaE3XMo4smRBhO3-VTW4XeIgZjKkldp64mpOfZLSQU4bjq2m5TdFOmLEu6nMPVp9vIuA8EBVyYtKixu_FBJ-XPwrST5-3w_h9TEJpH7b97ZpgSR43j0pppP4US9yvbtaQcT-DzNpeSDHA0l6w5Zq-OXRPy5XNJ1f8aI3RD002nHXE3s7NJhfs4xuFnYoQBE5JDny_ImbhWgKNSoJvI0hpbE6Xm8VGv-RENlmWulqLbv2zhOEr5rF95WO2eF1Zrpy1R-i2q8ibdPJCU-v-ZNo3H-HCNGsxL5NDGIUVTL2Evn4ujbk3-ktoafSNekBmS_sR8EorrFYPk0EgWrBj0cw3sSWuHyCG6Axxolzvk_pxu9zTczwvfiri-UGZVF7HRFZGU-Pmb8DiM6miw8_K9pSLFUYmvjXAEEF_KEwiSUr38HvWPlMNgDZxMfhaso46FV7On3TjeDPRiRZWaouUADjE6kMhHSgCLJS5NsyakUqjkDva6Nk6GoS26OM2TxGeV&cid=CAASEuRoHXvndL2YMGsHjW8sBy25iQ&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
00ea9b0b942468e84cd62c15d40535b8955f0a6fe2be58a50d2c24c597773c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33899
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08BE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15998
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 22:58:04 GMT
expires
Mon, 18 Sep 2023 22:58:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E469
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d674ba639fe4e7b02e0380ed45415ceed51ca13099b8b99fabf8c9317b6559d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uNP22pMYuGA0y2Vw8OCxdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-uNP22pMYuGA0y2Vw8OCxdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
Mon, 19 Sep 2022 03:24:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D34F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15998
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 22:58:04 GMT
expires
Mon, 18 Sep 2023 22:58:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AA7B
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de298763b6cbbec83460cf059c66795e225b89bf735b9e2ce5d573ce96e0099c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zWX3-tlOjFUIUn0rxGsGeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-zWX3-tlOjFUIUn0rxGsGeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
Mon, 19 Sep 2022 03:24:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adview
googleads.g.doubleclick.net/pagead/ Frame A9B6
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CsRsN-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKgBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDS3kmwJe-gcNPAzgfLDnKqBy6tPg9Df62iIpOLfASOeE4EjQCt3vrgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=XK-nd95oCKo&uach_m=[UACH]&cid=CAQSKQCsnQUxFQXchx8DRHEmLD5WFC96R9-OJ80jNBlo3RRDnU2hnVN1_9TcGAE
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 19 Sep 2022 03:24:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame A9B6
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hm0x8xhabxy9rg5z46zd8bm125fmawx39pk5k71mzqmameyab0mv51a5jae6ks87456zn182s2hqkv8qy5x6vxk1yfm9zx7fedr91pzxzjpqzan05wr41tks6h76ym1t70fd4v7gdz4dsw0n05wy7wnxj5wzkacxw53jfbw0qcs1r0j2wkrzt9mrkb511gv490a0px43j49wqjqf6a6fyt9ncczt3hpvge7f6kh5dbxbcdhgxds95re6afcj0wmzvz2ddpqd8m0p2mhvt2n0eq26a8w2fefrv9a32jcwcwjnnj741d5gkrwggqtmxdw6sq6n4nexdbqjtbt5fk06y9seehm3eqbcwqpb1hyjq7973qg4gcx78nax9m4b9pbhrgnrn0t9k8py90yjfs28a0fhx33809jd0&b=Yyfg-gADcFsHg4V0AAN-LJWhh1GHgK-CjyF_Tg
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5C62
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1ka9v9hqn8mhkb8wwqwj53q0npnz4ez33tmkzchbjt74t1renbn6ngjw8wb5sf94e2387y2t63gcn97mg5mxrz20nwx2mcpw56386yc62jcxbfzsp9t9fw3880cb33m0m4g79yd3qpf8yhd2x5g33pkzjq0kj9mpcthw860anfb4d8eex70txt2nacnn4e2vc1mf7jgbzy80b5356gshws33fva3hbpc95pbt0jeq7yem716a5ds5w4cc2r86amjxq0qsz0ma0bhaa5dnh5nnczge41gs9p04g04bjghzsqtd9cbswgh28vx73wrxyevyhr0989dn8w07m04zxcxaaefa9fzjnpcnfw04bkk9bw5hzwere9ea7kx9hnek3efk7gva5n2q6s52aw16xynenmhgsrvtj28j0hvrng0cjh9ymmpn6cxj9pa2mj6g52xvpbd3y2b&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2b575acd3c867fd2584fca98173fce77fb6881ce3ed21213298e3a7cb11f0dfe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74cf35bdccb5baf9-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame A9B6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 02:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 02:20:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1594
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Mon, 19 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame A9B6
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 02:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1772
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 02:55:10 GMT
l
www.google.com/ads/measurement/ Frame A9B6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfitCmmlcpyxXrnwRB3Hy_GeukIH852nRxoVF6AXwyzrpvvTMT41Icc7KfTOTprDrzFU7gMuKf7wJrcVHpU6zB3vH1rg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A9B6
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 03:24:42 GMT
truncated
/ Frame A9B6
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d61386d6c07727309be65f5567a8593c82650e39494ceeddcc0c9fc3bc09121

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 8C75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1&C=1
43 B
843 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXQv1OJ0i14Cks_YbuRCx52DT1jxTr_ve2Yyv61jg4Mf6JCe-L-0ECKDyOxf1XuSIat8OMlXaX8TDsPVUhhlfplRfkfn_ij3LTEF6PiT8Kf-Yj7FpPJG4B9xwbJ6SVbQ70OZZcHzJr2GbTimhM8DXs4mMWnOvnaaLF3zvWqglemtpPZIFg
Protocol
H3
Server
104.18.18.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf35beca4cd4fa-CDG
pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joIxiuyOyAxnUe779hVcpAQ5tf0zZhl5NEd7t%2BQwTeGWSGqoekiqC5LL9GDaf6%2FYCTr%2BSYsfEGgV96Vy6uGvK8dKroJ9sRy9AzGo9CuKCr98cmEOw3wywYBc%2FGuUxb8fIF9Mf7tsQIVT5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHqSSSbe74HMms3FgwQhgvK9qUn4mynU%2F%2BkyLCTj%2FslGZinnzH2by1CnCgLLcjrRjsvRohmpcU7odYkXxZDjkdNfeYwMKrN5fIiGGZBjeGz9BztpwqFxPF49NvTldzNt%2BYGrCvrTvi9n%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1&C=1
cache-control
no-cache
cf-ray
74cf35be1fbe698f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 8C75
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yyfg.sNf0Cei7cIQq0.y9QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1&google_hm=2
43 B
843 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXQv1OJ0i14Cks_YbuRCx52DT1jxTr_ve2Yyv61jg4Mf6JCe-L-0ECKDyOxf1XuSIat8OMlXaX8TDsPVUhhlfplRfkfn_ij3LTEF6PiT8Kf-Yj7FpPJG4B9xwbJ6SVbQ70OZZcHzJr2GbTimhM8DXs4mMWnOvnaaLF3zvWqglemtpPZIFg
Protocol
H3
Server
104.18.18.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf35bf8abed4fa-CDG
pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAab3xV9pt%2Bm0ofR5FRAa3QAj%2FERRVgExHnzKMgO9%2B4iJZb75beT%2Fyk95IzLM6oHjjsehDxCJlzDlYyEe8WV5v1iDq00Si0JgFBCMSepyoo5RC2aUZosZH4d5%2BmlEWPvoAQ8ParbfyrRKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmCpBkxz1VgXSs667dXU7s&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 8C75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBjDZwxPREKkAXMpzfsSO2o&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBjDZwxPREKkAXMpzfsSO2o%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBjDZwxPREKkAXMpzfsSO2o%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXQv1OJ0i14Cks_YbuRCx52DT1jxTr_ve2Yyv61jg4Mf6JCe-L-0ECKDyOxf1XuSIat8OMlXaX8TDsPVUhhlfplRfkfn_ij3LTEF6PiT8Kf-Yj7FpPJG4B9xwbJ6SVbQ70OZZcHzJr2GbTimhM8DXs4mMWnOvnaaLF3zvWqglemtpPZIFg
Protocol
HTTP/1.1
Server
185.89.210.180 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:24:42 GMT
X-Proxy-Origin
193.27.14.21; 193.27.14.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
edd650d2-8e2d-42da-a0e0-d3d20b248f6a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:24:42 GMT
X-Proxy-Origin
193.27.14.21; 193.27.14.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d9a6e84b-990b-4adc-9862-3161b27ef2cf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBjDZwxPREKkAXMpzfsSO2o%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8C75
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE2NjUxMDQ3MTI4MDQ5Mzc5NA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE2NjUxMDQ3MTI4MDQ5Mzc5NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXQv1OJ0i14Cks_YbuRCx52DT1jxTr_ve2Yyv61jg4Mf6JCe-L-0ECKDyOxf1XuSIat8OMlXaX8TDsPVUhhlfplRfkfn_ij3LTEF6PiT8Kf-Yj7FpPJG4B9xwbJ6SVbQ70OZZcHzJr2GbTimhM8DXs4mMWnOvnaaLF3zvWqglemtpPZIFg
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:24:42 GMT
X-Proxy-Origin
193.27.14.21; 193.27.14.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
28e3ee24-9615-494a-98ab-5235fc045e1d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE2NjUxMDQ3MTI4MDQ5Mzc5NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 1594
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEA5-Z4kUGe26wNQDYvvExU&google_cver=1&google_push=AZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEA5-Z4kUGe26wNQDYvvExU&google_cver=1&google_push=AZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U...
43 B
406 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEA5-Z4kUGe26wNQDYvvExU&google_cver=1&google_push=AZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H2
Server
2606:4700:4400::ac40:98f5 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74cf35bfaa60cc36-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
5680
cf-ray
74cf35be29bacc36-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEA5-Z4kUGe26wNQDYvvExU&google_cver=1&google_push=AZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-I-NWlW5Iy5wr-utIKgqVe24eHWseprYLP6b1_DG0zTroWieeM4GuWYKwqyru8NJUNYD7bBx1sphPNKrRN277LK_4yb6U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 1594
0
177 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGEo7N-X1fd2J6ekgwRt77c&google_cver=1&google_push=AZmPxg9514sK2aOL52Efu8b_Ms3TPVhHD__gKyPfnFWqrT_UH7KKqMD4LcAZ6mghQ6p6_phP_TdPLtRkpBni6_pTL_GSCqH9tm0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663557883.655107,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-cdg20760-CDG
google
match.adsrvr.org/track/cmf/ Frame 1594
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFAFE79GN1xhlevs3JHz5Eo&google_cver=1&google_push=AZmPxg-7CW-a1ToNhTMV6QB11VYvDP1GAAtv-2fucfYdDGDhnZwGRg6n61e6cA_PErT79bDltdyFMdo8pMIjXlwmBrJbHDsD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1594
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzxqGYFziJSuh2gxxXZp04&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBzxqGYFziJSuh2gxxXZp04&google_push=AZ...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBzxqGYFziJSuh2gxxXZp04&google_hm=Yyfg-sNf0Cei7cIQq0-y9QAABGMAAAIB&google_nid=index&google_push=AZmPxg-D-aPCVS5wHpSGvEfJcoyKYVyeI0zpU...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBzxqGYFziJSuh2gxxXZp04&google_hm=Yyfg-sNf0Cei7cIQq0-y9QAABGMAAAIB&google_nid=index&google_push=AZmPxg-D-aPCVS5wHpSGvEfJcoyKYVyeI0zpUolLQuiWn22pvOpLKB2CPK9-bGSocVx3-NGRb4_Y8QFu2cBLzxVxjg5tzk0CKq0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8S3uzGH3EbmG51eoJqYggFu0thj64g87OEnGCfpzt%2B73xKRZnQOv6jjHPEplCukZWFWrn5JPuciMiL%2BtR4G11gxM6ohqxuOId%2B6DVp3ojoEDJkoK0YAgPh15%2BpMFRJzUUHjx3Gv3GA1aA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBzxqGYFziJSuh2gxxXZp04&google_hm=Yyfg-sNf0Cei7cIQq0-y9QAABGMAAAIB&google_nid=index&google_push=AZmPxg-D-aPCVS5wHpSGvEfJcoyKYVyeI0zpUolLQuiWn22pvOpLKB2CPK9-bGSocVx3-NGRb4_Y8QFu2cBLzxVxjg5tzk0CKq0
cache-control
no-cache
cf-ray
74cf35beeec4d311-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 1594
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEhmyfDh2Vhc20xdr-CwtQY&google_cver=1&google_push=AZmPxg8vU7pHPifzjDailgmmfDt1NMtFBNtcWxM1WPGjqKu13lV5F1hXm6yb21h2t2qgB6Cq-Gz9MACds2E8DOrYn...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEhmyfDh2Vhc20xdr-CwtQY&google_cver=1&google_push=AZmPxg8vU7pHPifzjDailgmmfDt1NMtFBNtcWxM1WPGjqKu13lV5F1hXm6yb21h2t2qgB6Cq-Gz9MACds2E8DOrYn...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8vU7pHPifzjDailgmmfDt1NMtFBNtcWxM1WPGjqKu13lV5F1hXm6yb21h2t2qgB6Cq-Gz9MACds2E8DOrYnNOE43bhHYY&google_hm=FVxMsGZHojLi3NCETzWtrtMw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8vU7pHPifzjDailgmmfDt1NMtFBNtcWxM1WPGjqKu13lV5F1hXm6yb21h2t2qgB6Cq-Gz9MACds2E8DOrYnNOE43bhHYY&google_hm=FVxMsGZHojLi3NCETzWtrtMw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 19 Sep 2022 03:24:42 GMT
pod
X-Sovrn-Pod: ad_ap4ams1
location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8vU7pHPifzjDailgmmfDt1NMtFBNtcWxM1WPGjqKu13lV5F1hXm6yb21h2t2qgB6Cq-Gz9MACds2E8DOrYnNOE43bhHYY&google_hm=FVxMsGZHojLi3NCETzWtrtMw
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 1594
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJyePJklUCfv1VGO7h83LtA&google_cver=1&google_push=AZmPxg_wQDecp-MUvejjQY--d3e53jdEcMP-AGlNKeGe4Mmzzlf9THZCQoTmRwI1P-UgALC9mUgMronJwX9hEM5uCVH26u...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJyePJklUCfv1VGO7h83LtA&google_cver=1&google_push=AZmPxg_wQDecp-MUvejjQY--d3e53jdEcMP-AGlNKeGe4Mmzzlf9THZCQoTmRwI1P-UgALC9mUgMronJwX9hEM5u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=11uCioEvQIWU7rZ4MwCJVg&google_push=AZmPxg_wQDecp-MUvejjQY--d3e53jdEcMP-AGlNKeGe4Mmzzlf9THZCQoTmRwI1P-UgALC9mUgMronJwX9hEM5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=11uCioEvQIWU7rZ4MwCJVg&google_push=AZmPxg_wQDecp-MUvejjQY--d3e53jdEcMP-AGlNKeGe4Mmzzlf9THZCQoTmRwI1P-UgALC9mUgMronJwX9hEM5uCVH26uBb8FI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=11uCioEvQIWU7rZ4MwCJVg&google_push=AZmPxg_wQDecp-MUvejjQY--d3e53jdEcMP-AGlNKeGe4Mmzzlf9THZCQoTmRwI1P-UgALC9mUgMronJwX9hEM5uCVH26uBb8FI
date
Mon, 19 Sep 2022 03:24:42 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1594
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMjzHMgja1-y1WKvCwzpGUs&google_cver=1&google_push=AZmPxg8E0DDTgR_sN3IRyt_Y6g3A2nyCxIS2xcfX7D9JW4TbpSI5dutrUoHwPlCitV3LkJyr6gBj19UCqZz8RcsoFUElgcGD6IY
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8E0DDTgR_sN3IRyt_Y6g3A2nyCxIS2xcfX7D9JW4TbpSI5dutrUoHwPlCitV3LkJyr6gBj19UCqZz8RcsoFUElgcGD6IY...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NTE2NDAzODA3NjEzMjM4ODA1OQ%3D%3D&google_push=AZmPxg8E0DDTgR_sN3IRyt_Y6g3A2nyCxIS2xcfX7D9JW4TbpSI5dutr...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NTE2NDAzODA3NjEzMjM4ODA1OQ%3D%3D&google_push=AZmPxg8E0DDTgR_sN3IRyt_Y6g3A2nyCxIS2xcfX7D9JW4TbpSI5dutrUoHwPlCitV3LkJyr6gBj19UCqZz8RcsoFUElgcGD6IY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NTE2NDAzODA3NjEzMjM4ODA1OQ%3D%3D&google_push=AZmPxg8E0DDTgR_sN3IRyt_Y6g3A2nyCxIS2xcfX7D9JW4TbpSI5dutrUoHwPlCitV3LkJyr6gBj19UCqZz8RcsoFUElgcGD6IY
date
Mon, 19 Sep 2022 03:24:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 1594
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8b-Bp9t4Vu3-2RRHjj4bugtxYHpdZ6RmtS8HnlaDMG70mOmfAHdjnkEtuJ-XeYsjmFW9p
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881783&bpp=20&bdt=508&idt=396&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=1&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1733324567&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=3296276343&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31068920&oid=2&pvsid=2397228612119782&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o8tu7sj134jw&fsb=1&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5FF6
106 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 13:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 13:42:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 5FF6
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbfT1BOQk2YNQlrbspwDEMjOYjs0G80PpCtFM4UQ2jpfpzCo_iwdzH9CeoNV9CyNXGjDRRrXuZHmPtWOf_MJc2nhFYxA&cry=1&dbm_d=AKAmf-AYPL-1hLMv9J7UdEf8jErWASvZtrshqmg58YZc-3O0zNbjrO0frJNg4_32GNjr1R-TSRO_jL5_llkKGFER3_Ot3gvVKUQ7kKdayKNF_-plPIt8jqr_Gez65OO1wwzNz2fHcgnTFixevi5TT7C492Q7qssC6kdLfLhiSTrSAd6sUQJQOmXkvk47qmkIP6gnNU5GRgh7_gAn0pxygJFg1bjY6aqkVSyZxS7bR8xH4BF_XXBV-CfPsPU_qy5VDN-vUP1UXNHD3Z5g1dLUxWe-AZo9DQOvM-LXPjdFONJthsvRZrfpWtK0oga2kUCJtBHnPe-V7MpaewdFdN_VPu428RtA-FOpMcZJjPtHVe7lr8XU0rCVmgSLWQCnLEcLvVxaWmMcqkJr_IX-bkuAPp5m8SOWk-uwpTUwr_cDcWk6G8SHHfKuhAx38nTjT0HnEo7nQwT-jpRfp7nQWcKhiXBZ3Y6cl4gap86sHczIhBg17uzC8cmEtsUJDV6uQpV4hOFF2PgKU3d_5NDKR2VD7LCkiMKwDOfvps8h7knI2Kpkb4PTnJmoDIdrztqJWo3AB7tdZbMI8BU-XK9ts7NKMuH2_7Ryr3UWPRYHDEIYcQz9nrjGWVK-D54NEbTf0SQIjOZCY5014byvupfa0NVeLO0Nx48pCzM1ntKbDrHExJPi_DmpjuzgrRz6RBXWCQ2NR-F1fzjb49G8bgkR6L16cAPQU1s1H34gQgz-QLcH21trlMYXiB4Gjhei18nZOeVhp7j5S8HK6ztN_3mMmHsehI_-Bd6oTLgRTOl49AhC3wHQmnIRYlauz4FLNs8bi0eBlJ4eWGBFb1tAisBidTRG3GaY_9nJ9ND9Fyq5QnAiw8J2Hy-13R0pKWL--ljtmxL6fMNwmB0ySuCGMxmo47qLzl_TCEMcKndFQXiC-91Fpj1ic_71SapN8gG5b7sbztEi3tuo0NAUoJHakaqEeCcj2jmp2_wJ6tkn_hIVvkhzOSjBpxi5KTUFHZy0cHfdXWqVPeAUiZ38pd0YsICw2OioL5PAlYfji84wxyg9oXPqLmhS1f8hL4aZm2LW8pZVg6koybDl7CYPoKStyu5FbpM37G2hIfyiMzAW56jSq0Dr7HNvZHqdmJu_ctOgQpvn7J0NhnqhihOdz9z7HKrz29L9LFMgVNrKcqwWJ0qW6KlWLoxllEcHJA4qsZ7XnAdHruZ49Z4ZjhfwpwmzGGoL6i8uCOkoqShfFvM0ERDGD0P8GVHvCQzo9mJfu6ZrHH7bP9BgdbhyNrhfgXGOgWi3wOE2yBEw74fKueUSRhGO5cYm5lJfNzCIGSKycFEHCLWOAAzsMUPupR3JJcb78Z86-de-_Xu9yxqH5ajzojiLDPfM32IEVsLjzKlQNxxA0t2kjvgEMnlkbRNcfSaSfTZiFSPGOPWk_4glv0rNczF-Wqy9GffeVGAC1FvxCJBjNQoA9BamfQMmWDgtAuNZAjNviE_S8HE-sMx2cqWV9l00r3C65mXy2pVJRru6tyeIKBjoZQhTwmmXEr7N87E9nFGg1pDFjcW9rbEWIr8YuJyAMsIY4zMDMIY30Vw_0ftqp60xkoaUrEoPLGEpkpHKD9cSmGhH1aqtEN_Y8gItDwFjKUHg44xLIjj_d2YP8bjMw1w40Ayc9XPEopiMzEwgUTYL587r-fL2ITemVN9JUq3kNlKgfbcWhsFFBE-TfnLp_M2h4u4nizgRhmT1PhXYlJ_6_uVvGdcGMNwMmy2w3YW0Y_Y9ToP936rYUJgJDProJa7Dul4xIsaLXdpfHqcye-UYujjBAwnZwx2ylSRqLlr-O9SjlC1
iSbGEVsKYO9Y-jvWe_S-7whnv3jbWJnF5TRvv_GRJX0lsgxJ_UGvxaZu7J4o_jEpXnSbTdplL6TboO9E4oE2gI6n0VJBesQ9MDUE8ILvaDi3QK13xobEBeAyc4FE3A-USsA50KKDZ0OYJOv1bpVLb5hvUQK0zOgVSU6I8JnmVAmLMHb47Soqcj8JaUzLaKGK7LGRHzL6C7oKvDonUNQJEdMChoYlHoCW3kGb2FZ-ElnBlFjcSTbMSYT-zWs3KHgl7uZ7STkb-l0M9Kwifb0NwxssDz93F0Nk3-aIXnZLftUoshpjQGqHxX6G1VfWSlymWg4YHE7gey0V9k-jert311fFpUM6E2Tb_1U7SZRhyup1sZJ90tdxyRpkut5Pk0FA00fO3YiVKoAME8jmHqsO3EvqOI74DF-JpMmDqOlL2FCBYQAQkZnqquacIG8brnCZoZBU_EPSRo6TSgx5Sl86tNZHVBVThlYIY-KeaE3XMo4smRBhO3-VTW4XeIgZjKkldp64mpOfZLSQU4bjq2m5TdFOmLEu6nMPVp9vIuA8EBVyYtKixu_FBJ-XPwrST5-3w_h9TEJpH7b97ZpgSR43j0pppP4US9yvbtaQcT-DzNpeSDHA0l6w5Zq-OXRPy5XNJ1f8aI3RD002nHXE3s7NJhfs4xuFnYoQBE5JDny_ImbhWgKNSoJvI0hpbE6Xm8VGv-RENlmWulqLbv2zhOEr5rF95WO2eF1Zrpy1R-i2q8ibdPJCU-v-ZNo3H-HCNGsxL5NDGIUVTL2Evn4ujbk3-ktoafSNekBmS_sR8EorrFYPk0EgWrBj0cw3sSWuHyCG6Axxolzvk_pxu9zTczwvfiri-UGZVF7HRFZGU-Pmb8DiM6miw8_K9pSLFUYmvjXAEEF_KEwiSUr38HvWPlMNgDZxMfhaso46FV7On3TjeDPRiRZWaouUADjE6kMhHSgCLJS5NsyakUqjkDva6Nk6GoS26OM2TxGeV&cid=CAASEuRoHXvndL2YMGsHjW8sBy25iQ&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 03:22:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 5FF6
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbfT1BOQk2YNQlrbspwDEMjOYjs0G80PpCtFM4UQ2jpfpzCo_iwdzH9CeoNV9CyNXGjDRRrXuZHmPtWOf_MJc2nhFYxA&cry=1&dbm_d=AKAmf-AYPL-1hLMv9J7UdEf8jErWASvZtrshqmg58YZc-3O0zNbjrO0frJNg4_32GNjr1R-TSRO_jL5_llkKGFER3_Ot3gvVKUQ7kKdayKNF_-plPIt8jqr_Gez65OO1wwzNz2fHcgnTFixevi5TT7C492Q7qssC6kdLfLhiSTrSAd6sUQJQOmXkvk47qmkIP6gnNU5GRgh7_gAn0pxygJFg1bjY6aqkVSyZxS7bR8xH4BF_XXBV-CfPsPU_qy5VDN-vUP1UXNHD3Z5g1dLUxWe-AZo9DQOvM-LXPjdFONJthsvRZrfpWtK0oga2kUCJtBHnPe-V7MpaewdFdN_VPu428RtA-FOpMcZJjPtHVe7lr8XU0rCVmgSLWQCnLEcLvVxaWmMcqkJr_IX-bkuAPp5m8SOWk-uwpTUwr_cDcWk6G8SHHfKuhAx38nTjT0HnEo7nQwT-jpRfp7nQWcKhiXBZ3Y6cl4gap86sHczIhBg17uzC8cmEtsUJDV6uQpV4hOFF2PgKU3d_5NDKR2VD7LCkiMKwDOfvps8h7knI2Kpkb4PTnJmoDIdrztqJWo3AB7tdZbMI8BU-XK9ts7NKMuH2_7Ryr3UWPRYHDEIYcQz9nrjGWVK-D54NEbTf0SQIjOZCY5014byvupfa0NVeLO0Nx48pCzM1ntKbDrHExJPi_DmpjuzgrRz6RBXWCQ2NR-F1fzjb49G8bgkR6L16cAPQU1s1H34gQgz-QLcH21trlMYXiB4Gjhei18nZOeVhp7j5S8HK6ztN_3mMmHsehI_-Bd6oTLgRTOl49AhC3wHQmnIRYlauz4FLNs8bi0eBlJ4eWGBFb1tAisBidTRG3GaY_9nJ9ND9Fyq5QnAiw8J2Hy-13R0pKWL--ljtmxL6fMNwmB0ySuCGMxmo47qLzl_TCEMcKndFQXiC-91Fpj1ic_71SapN8gG5b7sbztEi3tuo0NAUoJHakaqEeCcj2jmp2_wJ6tkn_hIVvkhzOSjBpxi5KTUFHZy0cHfdXWqVPeAUiZ38pd0YsICw2OioL5PAlYfji84wxyg9oXPqLmhS1f8hL4aZm2LW8pZVg6koybDl7CYPoKStyu5FbpM37G2hIfyiMzAW56jSq0Dr7HNvZHqdmJu_ctOgQpvn7J0NhnqhihOdz9z7HKrz29L9LFMgVNrKcqwWJ0qW6KlWLoxllEcHJA4qsZ7XnAdHruZ49Z4ZjhfwpwmzGGoL6i8uCOkoqShfFvM0ERDGD0P8GVHvCQzo9mJfu6ZrHH7bP9BgdbhyNrhfgXGOgWi3wOE2yBEw74fKueUSRhGO5cYm5lJfNzCIGSKycFEHCLWOAAzsMUPupR3JJcb78Z86-de-_Xu9yxqH5ajzojiLDPfM32IEVsLjzKlQNxxA0t2kjvgEMnlkbRNcfSaSfTZiFSPGOPWk_4glv0rNczF-Wqy9GffeVGAC1FvxCJBjNQoA9BamfQMmWDgtAuNZAjNviE_S8HE-sMx2cqWV9l00r3C65mXy2pVJRru6tyeIKBjoZQhTwmmXEr7N87E9nFGg1pDFjcW9rbEWIr8YuJyAMsIY4zMDMIY30Vw_0ftqp60xkoaUrEoPLGEpkpHKD9cSmGhH1aqtEN_Y8gItDwFjKUHg44xLIjj_d2YP8bjMw1w40Ayc9XPEopiMzEwgUTYL587r-fL2ITemVN9JUq3kNlKgfbcWhsFFBE-TfnLp_M2h4u4nizgRhmT1PhXYlJ_6_uVvGdcGMNwMmy2w3YW0Y_Y9ToP936rYUJgJDProJa7Dul4xIsaLXdpfHqcye-UYujjBAwnZwx2ylSRqLlr-O9SjlC1
iSbGEVsKYO9Y-jvWe_S-7whnv3jbWJnF5TRvv_GRJX0lsgxJ_UGvxaZu7J4o_jEpXnSbTdplL6TboO9E4oE2gI6n0VJBesQ9MDUE8ILvaDi3QK13xobEBeAyc4FE3A-USsA50KKDZ0OYJOv1bpVLb5hvUQK0zOgVSU6I8JnmVAmLMHb47Soqcj8JaUzLaKGK7LGRHzL6C7oKvDonUNQJEdMChoYlHoCW3kGb2FZ-ElnBlFjcSTbMSYT-zWs3KHgl7uZ7STkb-l0M9Kwifb0NwxssDz93F0Nk3-aIXnZLftUoshpjQGqHxX6G1VfWSlymWg4YHE7gey0V9k-jert311fFpUM6E2Tb_1U7SZRhyup1sZJ90tdxyRpkut5Pk0FA00fO3YiVKoAME8jmHqsO3EvqOI74DF-JpMmDqOlL2FCBYQAQkZnqquacIG8brnCZoZBU_EPSRo6TSgx5Sl86tNZHVBVThlYIY-KeaE3XMo4smRBhO3-VTW4XeIgZjKkldp64mpOfZLSQU4bjq2m5TdFOmLEu6nMPVp9vIuA8EBVyYtKixu_FBJ-XPwrST5-3w_h9TEJpH7b97ZpgSR43j0pppP4US9yvbtaQcT-DzNpeSDHA0l6w5Zq-OXRPy5XNJ1f8aI3RD002nHXE3s7NJhfs4xuFnYoQBE5JDny_ImbhWgKNSoJvI0hpbE6Xm8VGv-RENlmWulqLbv2zhOEr5rF95WO2eF1Zrpy1R-i2q8ibdPJCU-v-ZNo3H-HCNGsxL5NDGIUVTL2Evn4ujbk3-ktoafSNekBmS_sR8EorrFYPk0EgWrBj0cw3sSWuHyCG6Axxolzvk_pxu9zTczwvfiri-UGZVF7HRFZGU-Pmb8DiM6miw8_K9pSLFUYmvjXAEEF_KEwiSUr38HvWPlMNgDZxMfhaso46FV7On3TjeDPRiRZWaouUADjE6kMhHSgCLJS5NsyakUqjkDva6Nk6GoS26OM2TxGeV&cid=CAASEuRoHXvndL2YMGsHjW8sBy25iQ&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 03:08:56 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame D34F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 15:20:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E469
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=4222947626913200&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame AA7B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091401&jk=3137102832055925&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 08BE
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 15:20:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5FF6
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 14:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 14:24:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0A5B
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Mon, 19 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5FF6
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
347d8daf9448c5daa3289a73a13f10c149acaf212c59ba2055e47bdc0f99faf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 5C62
85 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ka9v9hqn8mhkb8wwqwj53q0npnz4ez33tmkzchbjt74t1renbn6ngjw8wb5sf94e2387y2t63gcn97mg5mxrz20nwx2mcpw56386yc62jcxbfzsp9t9fw3880cb33m0m4g79yd3qpf8yhd2x5g33pkzjq0kj9mpcthw860anfb4d8eex70txt2nacnn4e2vc1mf7jgbzy80b5356gshws33fva3hbpc95pbt0jeq7yem716a5ds5w4cc2r86amjxq0qsz0ma0bhaa5dnh5nnczge41gs9p04g04bjghzsqtd9cbswgh28vx73wrxyevyhr0989dn8w07m04zxcxaaefa9fzjnpcnfw04bkk9bw5hzwere9ea7kx9hnek3efk7gva5n2q6s52aw16xynenmhgsrvtj28j0hvrng0cjh9ymmpn6cxj9pa2mj6g52xvpbd3y2b&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ka9v9hqn8mhkb8wwqwj53q0npnz4ez33tmkzchbjt74t1renbn6ngjw8wb5sf94e2387y2t63gcn97mg5mxrz20nwx2mcpw56386yc62jcxbfzsp9t9fw3880cb33m0m4g79yd3qpf8yhd2x5g33pkzjq0kj9mpcthw860anfb4d8eex70txt2nacnn4e2vc1mf7jgbzy80b5356gshws33fva3hbpc95pbt0jeq7yem716a5ds5w4cc2r86amjxq0qsz0ma0bhaa5dnh5nnczge41gs9p04g04bjghzsqtd9cbswgh28vx73wrxyevyhr0989dn8w07m04zxcxaaefa9fzjnpcnfw04bkk9bw5hzwere9ea7kx9hnek3efk7gva5n2q6s52aw16xynenmhgsrvtj28j0hvrng0cjh9ymmpn6cxj9pa2mj6g52xvpbd3y2b&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%26client%3Dca-pub-4485239425924787%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
565646
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74cf35be7967ba89-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 5C62
36 KB
12 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ka9v9hqn8mhkb8wwqwj53q0npnz4ez33tmkzchbjt74t1renbn6ngjw8wb5sf94e2387y2t63gcn97mg5mxrz20nwx2mcpw56386yc62jcxbfzsp9t9fw3880cb33m0m4g79yd3qpf8yhd2x5g33pkzjq0kj9mpcthw860anfb4d8eex70txt2nacnn4e2vc1mf7jgbzy80b5356gshws33fva3hbpc95pbt0jeq7yem716a5ds5w4cc2r86amjxq0qsz0ma0bhaa5dnh5nnczge41gs9p04g04bjghzsqtd9cbswgh28vx73wrxyevyhr0989dn8w07m04zxcxaaefa9fzjnpcnfw04bkk9bw5hzwere9ea7kx9hnek3efk7gva5n2q6s52aw16xynenmhgsrvtj28j0hvrng0cjh9ymmpn6cxj9pa2mj6g52xvpbd3y2b&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
492286
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:11 GMT
server
cloudflare
etag
W/"a69f5acd9289c65e67397be142bc2c3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28VAMFqG4HS0UAWXkXZd%2BQ60RAadU7nBYvXa4%2B%2FYN2zQkRx2mAer17yE7fri67Wx%2BRcWL1hqRculQF7eHagaqVWRTCOFWw9EKRpdNbqhduJj6PfBrI5aP6yOCbQQKZEAOU39MaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74cf35be6cf1baf9-MXP
expires
Tue, 06 Sep 2022 10:39:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2415
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
219586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 14:24:56 GMT
expires
Sat, 16 Sep 2023 14:24:56 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 0A5B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECRTuIcDWIl6OmWBNIgbyh8&google_cver=1&google_push=AZmPxg8GEw4iR3E3E7E8N6X-RMUr7iXoVT89orzU-Zv4Mqs2HkoeqJ-_0ziJ0kaOv6qT3PLyBBCqL3sx3VSbvC6H...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8GEw4iR3E3E7E8N6X-RMUr7iXoVT89orzU-Zv4Mqs2HkoeqJ-_0ziJ0kaOv6qT3PLyBBCqL3sx3VSbvC6H7kc276kxR21V
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8GEw4iR3E3E7E8N6X-RMUr7iXoVT89orzU-Zv4Mqs2HkoeqJ-_0ziJ0kaOv6qT3PLyBBCqL3sx3VSbvC6H7kc276kxR21V
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 19 Sep 2022 03:24:42 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8GEw4iR3E3E7E8N6X-RMUr7iXoVT89orzU-Zv4Mqs2HkoeqJ-_0ziJ0kaOv6qT3PLyBBCqL3sx3VSbvC6H7kc276kxR21V
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 03:24:41 GMT
pixel
cm.g.doubleclick.net/ Frame 0A5B
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFHHA_kJKhfzTSNZN7f2TRM&google_cver=1&google_push=AZmPxg_vE7RG4c2YwaXiO-dsi_2on9zOC_yENBLoR62JaQ7FKC4jHO88oFsvzIXswAnpqOHrHq1HuA--YS2...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg_vE7RG4c2YwaXiO-dsi_2on9zOC_yENBLoR62JaQ7FKC4jHO88oFsvzIXswAnpqOHrHq1HuA--YS2ztHqA8ekTX_UTOGbR&google_hm=xdl5z5cgQRi0Wm4pbfDMnxU
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg_vE7RG4c2YwaXiO-dsi_2on9zOC_yENBLoR62JaQ7FKC4jHO88oFsvzIXswAnpqOHrHq1HuA--YS2ztHqA8ekTX_UTOGbR&google_hm=xdl5z5cgQRi0Wm4pbfDMnxU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:41 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg_vE7RG4c2YwaXiO-dsi_2on9zOC_yENBLoR62JaQ7FKC4jHO88oFsvzIXswAnpqOHrHq1HuA--YS2ztHqA8ekTX_UTOGbR&google_hm=xdl5z5cgQRi0Wm4pbfDMnxU
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A5B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMjuMRSs4gWO3PZljzXsxuA&google_cver=1&google_push=AZmPxg-nxB3TfpJUAtOTtwvagccaisOSLUabZXfMDIV-l17X7i-EdUgptd3FO1UsIIgC-1eUfFI-jxkUkkTLrIti...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yheLl5u1SDezZvU5e0pSjQ2&google_push=AZmPxg-nxB3TfpJUAtOTtwvagccaisOSLUabZXfMDIV-l17X7i-EdUgptd3FO1UsIIgC-1eUfFI-jxkUkkTLrItiVVDpViwo_BE3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yheLl5u1SDezZvU5e0pSjQ2&google_push=AZmPxg-nxB3TfpJUAtOTtwvagccaisOSLUabZXfMDIV-l17X7i-EdUgptd3FO1UsIIgC-1eUfFI-jxkUkkTLrItiVVDpViwo_BE3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 19 Sep 2022 03:24:42 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yheLl5u1SDezZvU5e0pSjQ2&google_push=AZmPxg-nxB3TfpJUAtOTtwvagccaisOSLUabZXfMDIV-l17X7i-EdUgptd3FO1UsIIgC-1eUfFI-jxkUkkTLrItiVVDpViwo_BE3
x-host
tde-deliveryengine-production-646f888bdc-kjk47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0A5B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECJTwoVq47xGNC-7UvBD27g&google_cver=1&google_push=AZmPxg8ayQg5xdW1MoCZdBA6zjc_6-oqfq5cuIJBM3BEiQJfqhyK27oqCPpiw7Crg8yMOv7YsgRSpjp0...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECJTwoVq47xGNC-7UvBD27g&google_cver=1&google_push=AZmPxg8ayQg5xdW1MoCZdBA6zjc_6-oqfq5cuIJBM3BEiQJfqhyK27oqCPpiw7Crg8yMOv7YsgR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIzODgyNjUwMjM3MjAzNDI5Mw&google_push=AZmPxg8ayQg5xdW1MoCZdBA6zjc_6-oqfq5cuIJBM3BEiQJfqhyK27oqCPpiw7Crg8yMOv7YsgRSpj...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIzODgyNjUwMjM3MjAzNDI5Mw&google_push=AZmPxg8ayQg5xdW1MoCZdBA6zjc_6-oqfq5cuIJBM3BEiQJfqhyK27oqCPpiw7Crg8yMOv7YsgRSpjp0unDQEP21AFc6Tn5ktN1p
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIzODgyNjUwMjM3MjAzNDI5Mw&google_push=AZmPxg8ayQg5xdW1MoCZdBA6zjc_6-oqfq5cuIJBM3BEiQJfqhyK27oqCPpiw7Crg8yMOv7YsgRSpjp0unDQEP21AFc6Tn5ktN1p
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0A5B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-ny2hGtfExShgR3hbQzg03Lttn_KUlBTQj8okyPVJsGqc8bNt58bgRM4hzKdogCLCd9bPHFC_2uCkmMBK_avw-nJBfCY5y&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-1a2d9519-2b8e-4421-b3bd-5d4eb88090fe-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-ny2hGtfExShgR3hbQz...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-ny2hGtfExShgR3hbQzg03Lttn_KUlBTQj8okyPVJsGqc8bNt58bgRM4hzKdogCLCd9bPHFC_2uCkmMBK_avw-nJBfCY5y&google_hm=AxotlRkrjkQhs71dTriAkP4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-ny2hGtfExShgR3hbQzg03Lttn_KUlBTQj8okyPVJsGqc8bNt58bgRM4hzKdogCLCd9bPHFC_2uCkmMBK_avw-nJBfCY5y&google_hm=AxotlRkrjkQhs71dTriAkP4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-ny2hGtfExShgR3hbQzg03Lttn_KUlBTQj8okyPVJsGqc8bNt58bgRM4hzKdogCLCd9bPHFC_2uCkmMBK_avw-nJBfCY5y&google_hm=AxotlRkrjkQhs71dTriAkP4
date
Mon, 19 Sep 2022 03:24:42 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1a2d95192b8e4421b3bd5d4eb88090fe003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 0A5B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAHqzs6nkKZZNJQclrFwaaw&google_cver=1&google_push=AZmPxg-2tMOgmWtNs1L8cGZOxIF7lEQ5LJZFEcDpaDjAy-5Gecv5sb1gFxb5juDtA6xiI69dZF...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03LkRpV3ZwRTJ1Rk9Td2VHVS4wU013bEU2bzZjQlMudn5B&google_push=AZmPxg-2tMOgmWtNs1L8cGZOxIF7lEQ5LJZFEcDpaDjAy-5Gecv5sb1gF...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03LkRpV3ZwRTJ1Rk9Td2VHVS4wU013bEU2bzZjQlMudn5B&google_push=AZmPxg-2tMOgmWtNs1L8cGZOxIF7lEQ5LJZFEcDpaDjAy-5Gecv5sb1gFxb5juDtA6xiI69dZFnClMWwdVTSAtsD_vjmYxigjLc9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03LkRpV3ZwRTJ1Rk9Td2VHVS4wU013bEU2bzZjQlMudn5B&google_push=AZmPxg-2tMOgmWtNs1L8cGZOxIF7lEQ5LJZFEcDpaDjAy-5Gecv5sb1gFxb5juDtA6xiI69dZFnClMWwdVTSAtsD_vjmYxigjLc9
date
Mon, 19 Sep 2022 03:24:42 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
sync.teads.tv/ Frame 0A5B
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI6VoX9sO7TCV8F1iSkemXc&google_cver=1&google_push=AZmPxg_W3DEvUyYs5zN-rrZQnbW0gywJaGw-h-kDzCRNGJEiZTrom9tMgBxjzypciUgPHcY9AZ5U7QW-TpA2YNf8kIgauFykGm1a
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 19 Sep 2022 03:24:42 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 0A5B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkzAkRDlj6DDIWzkfw-96LIFes7ie7g_tXoD3umAu84P5Y4eUvJBanWvIVyhH6l0O6PXWaMug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1663557882&url=https%3A%2F%2Freurl.cc%2FzZD6BDe&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663557881818&bpp=11&bdt=520&idt=110&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3929757497593&frm=23&ife=1&pv=2&ga_vid=1123884882.1663557877&ga_sid=1663557882&ga_hid=1027788124&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=269&biw=1600&bih=1200&isw=300&ish=250&ifk=1608067884&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31068921&oid=2&pvsid=2826480696244177&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k6gjwt2u3rqq&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/11265002931640406990/ Frame BDA7
35 KB
5 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
36dca21cf18cf318853921fc7bbab0e2bd6d3a7d0f4fcd8b002cb6e91b32087f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
480834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5573
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 13:50:48 GMT
expires
Wed, 13 Sep 2023 13:50:48 GMT
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5FF6
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4-kPBox_uywXiZzin9Di8Yzzz5KprxXFlxPqYBFIkYWJm6rd6Jl7ozzhQM0lAcav0dy52v1SHjz_MUUythpreldV8sVim5PfTPMhHEMXm2K775pHq47dojYP4h2IizsrHpJ214ZUDKRyxxPRzzai3nOgcVejfCvP99DT7WE-YVY6Xm4nmt3D1m77knXSR9haxGI9txrRrWXlsVqqhoXuA3z3WapVFxZX7Rupk4Gj8Q-yyMM3Q-1TD5UbODFvNQ_JO25M5jyXbojhSDf7v4mJ3GKxQKbnKB6q1ktTdn5ox77Zt5PC-tpHXYrTOG7InJ2p0l6L62-UgZXT1OrVqiXnwnrnZbzBzPe5b-oYXLC4gvfyqwbLTIC536576XwsjKdxR9z9pHECQ7H805uhXbM1igIM1Qi2U1FyeYt1lbOvWoyEe0L9kdGKNho1l_g11jZ7pIgfuLlTC4s_xUw_aZwAy-dAVGDlxZ5gwMr7Wd1V6dmX2DJ-7lMsHV3av-gRVB6ETDRHpn8keO7T8Lrjw6su5T7O_jwNiC2CC6_XZm4gASMZvQtXrHTMSwL4ZRZ3yMpDTGwMCQUQ-uE3KuWuuAVPYpNpdWfD5r7j4ZVqePBUmHn8IN4i4VZz5MOHMeN_v9qW2XLkmJclLF-oEKad-L0SuRLF5JXQWIU3AKNVJhjY6GdNvXobSyLYve3xQHqfYJTvWRA3qcBvBdkq5X-6Bwl0DnW2ImHHyEN28SvwUKmdTvJpWaD-BEuQYrlHaBRtf-gBg6I4ErSY5CAjjAvIDPP0fAOTXFtan2_XvSNMH1d8Iyr3qDr6_opAwfVdWdEj25jv_QIBsBZjij5x6pnkFaVTQ29bgf_B0paM5PZwgG_jAJR5XvDfPaU_qykFq7MBUAK6UfHz3QFbtdDFKqmQqKwlyK_xtzHn7Al9MpxYA5tWKE4InLLj0e410T64C_X9QmP-1bnnXWJG3r8CT1N06FmvElW2lH0znubLt1Ft1UVEsSFPlc907wxrgNEFSMoA0PStHpPJiLR-N4FXS_IhO7QZhhDX_ocDi9Y4dXRjYN3fNuK8V-HOMVhuGWN2NTNX6T9hhlcJoePbrn76AWg-4bma26NIySEuJ-1JIjgMTTdg9YlsQB3jyjFDBNrNBrtWN3AslMXDG4UbX1CvOCQ&sai=AMfl-YQw-7FS6oE8mKN4D79MxmngEL0NasMT14qNH55lrcc73iDWIVnrbILYPcdGwRwEsj_0W1OzuT_uPPAxVBwyFCJtBGvw5KF1huqY_9IvvsV5cavXNOuSXoG5OTjqTs-BRx4VxAiWTpWVLPT7r5fpLk6ydRCMjg9nlAQM77ITXb-JLfGVykiw&sig=Cg0ArKJSzE-1JTo42cNbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=218&cbvp=1&cstd=215&cisv=r20220914.64515&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 19 Sep 2022 03:24:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5C62
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Mon, 19 Sep 2022 03:24:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25060196
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMmx5C2Fz8rHRc2ZkNXyRCspu6NCxLCw7hLWEXykgzvEBiIz22zmUD33dCLgWXTQvU4B17JbO88uCtYkAMc3NLSgFejmQDZDTl5I%2BhVrqpYp8n1p7sXqoR%2FTfNYzvYz60VbPzU%2B2TQWbIECS3En2BGLS"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
74cf35bfce3b3756-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame 3CBC
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2099971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74cf35bf69cdba89-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSapeqlYqW11YUdIEH9GNz9qd36XfQq%2Bp5ghxIYLeVkGqv6dwI9R1e4wgCZFAJBuzeIzqcG4wGgjTwGKP6SjcY2AXrojXbHQW2GONxkCGS9z4rLNGFYOUAizIJN9%2FmylsVuOEDs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 2415
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 15:20:20 GMT
generate_204
tpc.googlesyndication.com/ Frame D34F
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?heZQhQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
45d92f8f595e6f0d29129d0a9e75108b.js
s0.2mdn.net/sadbundle/11265002931640406990/ Frame BDA7
89 KB
25 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/45d92f8f595e6f0d29129d0a9e75108b.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25351
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 13:50:48 GMT
generate_204
tpc.googlesyndication.com/ Frame 08BE
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?5H3HCA
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 398C
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
1d704e0a36f982e13f8b15e1738b018f1a35519119de036473bc2bb3bac926cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11145
x-xss-protection
0
css
fonts.googleapis.com/ Frame BDA7
4 KB
846 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 01:35:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 03:24:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 03:24:42 GMT
d071fe7046e1d7af466c36fcf4e2c6d9.jpg
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame BDA7
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/d071fe7046e1d7af466c36fcf4e2c6d9.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
151399565e841b5bc0abe1bdd07b7f7143183fd6300518a14edc5fe665fa48bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
480834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13219
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 13:50:48 GMT
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame BDA7
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1998
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 13:50:48 GMT
a2292ba95cee61cdff2ee6d583b99808.png
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame BDA7
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/a2292ba95cee61cdff2ee6d583b99808.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f733b80a77aeed329f3b0e4b38c7bdb342a367847fac6a8f9647bb48c333aa3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
480834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2101
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 13:50:48 GMT
d8a4848a2c6ab306e084f3f211618a69.png
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame BDA7
6 KB
6 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/d8a4848a2c6ab306e084f3f211618a69.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b03919a01615423f8881da95bc3f1f9a9f6d8330fb18c710f1dca463e18fe6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
480834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5664
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 13:50:48 GMT
5eded377b78fe0844535a69788efbd10.png
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame BDA7
6 KB
6 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/5eded377b78fe0844535a69788efbd10.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
28a008879e1b9e67d23125f4627ffd4c8e738d47b9820860da4f27dc8c6a037f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
480834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 13:50:48 GMT
aa449a535a846d6ae1cecb4a6549fb4c.png
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame BDA7
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/aa449a535a846d6ae1cecb4a6549fb4c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
17d57538011219c60aec91ff6d35c15abda9314d0f692f071843563e730c0858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
480834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2908
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 13:50:48 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=IdUl9XxLeXdrdkxjSit0T1RVWmNwMzRwK3RGL0NEdTFDNUcveUtwSHFvUDR1a3M3aVNSZ2FJSytxN1h5Mk1pMVlZd1d0UnhYRjFhaVQxM3dSaWVSZ2dPV2lsNGpkRm5BbmZvbk8rVFdMaDZQOEkrbmh3Ujc4WFBNV1NpOFluWk82UW8rVFNGUHd4bWE4eVgvc1NMUkhsL2tjZWZxVVl6Rmk1VEFYOFExZENNK2FDU28yQjd3dGpNUHNnTnRPR0pIWkhhL0drelEyeUcxU1N0SWFVQXh0czJseTBmd2JITFJGRTVDdWJUZVAwQUEvaVR1Ni8yYUVuTnZnL3lYbTJuaVlnWTQwTUJGSzdDSGJYTDdSMTE4OHV0TmlTZ3l2alZvWmd4d3dVNFk0QkhjeS9wND18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
463249
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=8b8BnHxwK0pWTjNWck5qdUxncnRNTTVCSUJLY1BUYmJMNXdISitxOU9rWTI1eThZaXVZYVVNaU9sUHFaeGhSc0o3RnE2WmtadWZJdEVsVFl0Vk1VWk1NYXlCd3FndzBsOHlTKzA1Z3cvWFZZaHNmQ2dSY0czdVhpTjVCN0h2SklpTmtaaTRueXpIOGszNmNSaVFyNEJPMTdleGZETG1kUnV5ZUk1NUZxRTkyY3lDQy8rK2Z4cEVnZmJSZFYxdXZ1RGVCa053cWpEZnB1L3czcnRWVFpLamZXSXpWbmR5eUFLdFhXZHc0UHpiLzZWOC9xa2d2NUhCQW5mZEMrQWdkYkVvdjdBaDRMU05uZjc1dk55bjlGMGhoL0pldlFhNUJhOFhYQ1RKTFVqQjhkcUVYdz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 03:24:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
589510
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 398C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 03:24:42 GMT
rs
ad4m.at/ Frame 5C62
1 KB
1 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
89f9cba6faa7d823791105dcda797233a3e9f3ba872923a441cab92c3d93d129

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
74cf35c1086fbb2b-MXP
date
Mon, 19 Sep 2022 03:24:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4USVTe4tMPWVfByf9mZenMYv71I4CW7qtGGX%2F0kJcSYSYTQlcjV38DO0JJZ664Tfko3pNsCT%2FiimnCMwYoqwOL8QVkjFRfY%2BJuV0%2FVVzBd2mtjo4B%2BzWVnDDCDKeZV07z9ldqfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74cf35c0a848bb2b-MXP
content-length
24
content-type
text/plain
date
Mon, 19 Sep 2022 03:24:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i379w7mPnZ0H1wOS90UztcpzOdch1CEuZh%2BEUIGE9Gr7T3pAv3ho2YyI%2FzXG9gezM6vx6GErEC7Ja7oms4vz0mulV%2Faw0iVP7k8lFmb4ftYf8ymmtHQ30ZA6choBATMfqqv%2BonA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
view
googleads4.g.doubleclick.net/pcs/ Frame 5FF6
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4-kPBox_uywXiZzin9Di8Yzzz5KprxXFlxPqYBFIkYWJm6rd6Jl7ozzhQM0lAcav0dy52v1SHjz_MUUythpreldV8sVim5PfTPMhHEMXm2K775pHq47dojYP4h2IizsrHpJ214ZUDKRyxxPRzzai3nOgcVejfCvP99DT7WE-YVY6Xm4nmt3D1m77knXSR9haxGI9txrRrWXlsVqqhoXuA3z3WapVFxZX7Rupk4Gj8Q-yyMM3Q-1TD5UbODFvNQ_JO25M5jyXbojhSDf7v4mJ3GKxQKbnKB6q1ktTdn5ox77Zt5PC-tpHXYrTOG7InJ2p0l6L62-UgZXT1OrVqiXnwnrnZbzBzPe5b-oYXLC4gvfyqwbLTIC536576XwsjKdxR9z9pHECQ7H805uhXbM1igIM1Qi2U1FyeYt1lbOvWoyEe0L9kdGKNho1l_g11jZ7pIgfuLlTC4s_xUw_aZwAy-dAVGDlxZ5gwMr7Wd1V6dmX2DJ-7lMsHV3av-gRVB6ETDRHpn8keO7T8Lrjw6su5T7O_jwNiC2CC6_XZm4gASMZvQtXrHTMSwL4ZRZ3yMpDTGwMCQUQ-uE3KuWuuAVPYpNpdWfD5r7j4ZVqePBUmHn8IN4i4VZz5MOHMeN_v9qW2XLkmJclLF-oEKad-L0SuRLF5JXQWIU3AKNVJhjY6GdNvXobSyLYve3xQHqfYJTvWRA3qcBvBdkq5X-6Bwl0DnW2ImHHyEN28SvwUKmdTvJpWaD-BEuQYrlHaBRtf-gBg6I4ErSY5CAjjAvIDPP0fAOTXFtan2_XvSNMH1d8Iyr3qDr6_opAwfVdWdEj25jv_QIBsBZjij5x6pnkFaVTQ29bgf_B0paM5PZwgG_jAJR5XvDfPaU_qykFq7MBUAK6UfHz3QFbtdDFKqmQqKwlyK_xtzHn7Al9MpxYA5tWKE4InLLj0e410T64C_X9QmP-1bnnXWJG3r8CT1N06FmvElW2lH0znubLt1Ft1UVEsSFPlc907wxrgNEFSMoA0PStHpPJiLR-N4FXS_IhO7QZhhDX_ocDi9Y4dXRjYN3fNuK8V-HOMVhuGWN2NTNX6T9hhlcJoePbrn76AWg-4bma26NIySEuJ-1JIjgMTTdg9YlsQB3jyjFDBNrNBrtWN3AslMXDG4UbX1CvOCQ&sai=AMfl-YQw-7FS6oE8mKN4D79MxmngEL0NasMT14qNH55lrcc73iDWIVnrbILYPcdGwRwEsj_0W1OzuT_uPPAxVBwyFCJtBGvw5KF1huqY_9IvvsV5cavXNOuSXoG5OTjqTs-BRx4VxAiWTpWVLPT7r5fpLk6ydRCMjg9nlAQM77ITXb-JLfGVykiw&sig=Cg0ArKJSzE-1JTo42cNbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=450&vt=11&dtpt=232&dett=3&cstd=215&cisv=r20220914.64515&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BDA7
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:10:25 GMT
x-content-type-options
nosniff
age
371658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 20:10:25 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BDA7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:00 GMT
x-content-type-options
nosniff
age
412783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 08:45:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4E6A
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
1f4c49641d5b7e4c12f2193ed0b83b16ce3e7c82967bdab03b8c1b2e3b74dbf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11150
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E1C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15999
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 22:58:04 GMT
expires
Mon, 18 Sep 2023 22:58:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F681
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5c6a519f409772c4c88e12920c3987ac8f1d0b1329cea52bbc3b04260e15de85
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zJFw7rREf8BZOuWyI1yC2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-zJFw7rREf8BZOuWyI1yC2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:43 GMT
expires
Mon, 19 Sep 2022 03:24:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4E6A
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 03:24:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2415
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvX55-uAnY5uAHZjD7_UPuKKCsAoAAAAAOAHgBAI&bg=!SkmlSQ3NAAZqQh0mSkI7ACkAdvg8WsmGKP65ESwEJBrOCjL8NDZmsCnOYfVrO4gT3qe5UPiIjQpWCAIAAACdUgAAAAFoAQcKAFQrGrpWrbW2AMTPlgZHpm7qZyjyuMaNpiIT4ifUdRunCi8o1kZTLjC5o7CJEKo7xheOxPAP31U4hveJLX6_RES6aQMhMtwpwfRvQFxuVKnbvJIm892ZAx1XipkrgOU5rkI5_xrNBUD21OorxFYQAp6lvuODTNqkQDymbMCgJKgejETt18wDIjpWcNgqWeTuGEggS7V7CZhRj91mtZo8bihWLBdBIUboLW4zVJvAU6c2cOpq68KuBPfhwvapOSVoDL1s4wdd-nwMyeGkADPXWuswsQy9w9iT36KNyHLYRgQVGnDBnWAgZB7vWqtNq6yG1LYcPQlhEennEN0TKlRSYa2sPEE67_-BLVR85IvHd9gCXpj6jASwRqThDGBFuiY0gDVMUEYoBP_X29Schan8Yqb6IRxNSIjH9u4xfA-KiXwGLnZTotLBppTbvWJ5ITxceWdhhw-X2w41ERhibL72OkG_IRZAZzSaUJu0GDEHoXGDMIXJK92_raznClbY9wQ1VJ7_bg6077c5930xoUcfnjyr5dtEnT-a4w8kXmNrafkoogIFuhuQOJp7bRpGv5ZTjEPIyvzUN5yIwiLz3pULFm7Dd6-jutgUzViVwjrK8kSkgZwJMMQU8lB8BjpZpzG5YkANljE6K66IijfZknFr5eeGYDQS7UM_bkDpodmi7wsWQJOzo8WPHnq8XzV0d6k_gpDgzvhHMUB2_tEgDSaifQCTlt35qJ4Zqa6gmSTmc3QxgIRwDMZKsotvRNUr6Uk56G-tELC-lBhxrHs8u3ydVv94GYsKRNcYQ9Heez0qDrRca9ZPcxxg7YO17i-8gKD-ptbdZa1eMRn7aZr-qOWgIgIOiAvvjJyxPcxxTA5WiNtnLPzbBJTXSXBEALdgQXntsot_0E0TMlFGVTCLL7uVIypo9VHwrJQzKQCIID6M9TfQkDq6dOEL-NTUYOZFStZ3g1K1ptGzOKOguTrTbP4aBbBeCcB8CDejwQgcSIjev-_Tw_nJYeXrWcy3R4rD6cVxzZboPcYKGimy1OoeA7ukY2JsRZKcrFWRKGks5Gvbg7LB_bbY87W8Ue-JKEJ-xIJT9WFZ3U56tQ0VL9l4DLRnkb9Y_oANEZ9fT0RSp90OLp9o_x8-53-rFWnEx_4BS7o8lDcju0exDWdUmoortzIl8et8MPvMpA
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:24:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F681
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2397228612119782&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 4E1C
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 15:20:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2BBD
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15999
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 22:58:04 GMT
expires
Mon, 18 Sep 2023 22:58:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A857
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a0cabd8b6b0e372eaf49aab8f293929b6becf1a0a12d2384811a5d60aceedffd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wdBSl_xGXFcncpAQNwnFsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-wdBSl_xGXFcncpAQNwnFsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:43 GMT
expires
Mon, 19 Sep 2022 03:24:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame E4B2
3 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=3e4cd23045649660e8580399bfe577bd%2F2774580295719989684&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1663557883062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k25xz2w9r2cd8tbwstfbbn0886qqzndwak0jk97p8gcm4qtmr95x38d2bw0emsthv4xmzd65tt5wv42vfd73w6gksbes81ht95vfpd7axbcwsq2cpyfmy08qy405b9wdrq0jc3gf9h75cjs1xrsts3dt05f5e1sxx8jz6zhaeh8wkm17xzk4pq84drd0r8g6h1483jq4fj4m4477pxzt7c5t6yaq7y9estqbhzm8qzj8v4w1xs8pmqsv0587daavk6frfyd4radsfcfcxk300zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c4484b207e0c988491e39c071020d2bf4052ca8434eb73b80ea096ee7538f310
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1ka9v9hqn8mhkb8wwqwj53q0npnz4ez33tmkzchbjt74t1renbn6ngjw8wb5sf94e2387y2t63gcn97mg5mxrz20nwx2mcpw56386yc62jcxbfzsp9t9fw3880cb33m0m4g79yd3qpf8yhd2x5g33pkzjq0kj9mpcthw860anfb4d8eex70txt2nacnn4e2vc1mf7jgbzy80b5356gshws33fva3hbpc95pbt0jeq7yem716a5ds5w4cc2r86amjxq0qsz0ma0bhaa5dnh5nnczge41gs9p04g04bjghzsqtd9cbswgh28vx73wrxyevyhr0989dn8w07m04zxcxaaefa9fzjnpcnfw04bkk9bw5hzwere9ea7kx9hnek3efk7gva5n2q6s52aw16xynenmhgsrvtj28j0hvrng0cjh9ymmpn6cxj9pa2mj6g52xvpbd3y2b&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%26client%3Dca-pub-4485239425924787%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74cf35c17a6eba89-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:24:43 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame A857
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2826480696244177&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 2BBD
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 15:20:20 GMT
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame E4B2
85 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=3e4cd23045649660e8580399bfe577bd%2F2774580295719989684&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1663557883062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k25xz2w9r2cd8tbwstfbbn0886qqzndwak0jk97p8gcm4qtmr95x38d2bw0emsthv4xmzd65tt5wv42vfd73w6gksbes81ht95vfpd7axbcwsq2cpyfmy08qy405b9wdrq0jc3gf9h75cjs1xrsts3dt05f5e1sxx8jz6zhaeh8wkm17xzk4pq84drd0r8g6h1483jq4fj4m4477pxzt7c5t6yaq7y9estqbhzm8qzj8v4w1xs8pmqsv0587daavk6frfyd4radsfcfcxk300zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=3e4cd23045649660e8580399bfe577bd%2F2774580295719989684&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1663557883062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k25xz2w9r2cd8tbwstfbbn0886qqzndwak0jk97p8gcm4qtmr95x38d2bw0emsthv4xmzd65tt5wv42vfd73w6gksbes81ht95vfpd7axbcwsq2cpyfmy08qy405b9wdrq0jc3gf9h75cjs1xrsts3dt05f5e1sxx8jz6zhaeh8wkm17xzk4pq84drd0r8g6h1483jq4fj4m4477pxzt7c5t6yaq7y9estqbhzm8qzj8v4w1xs8pmqsv0587daavk6frfyd4radsfcfcxk300zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
565647
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74cf35c1da8dba89-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame E4B2
53 KB
54 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=3e4cd23045649660e8580399bfe577bd%2F2774580295719989684&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1663557883062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k25xz2w9r2cd8tbwstfbbn0886qqzndwak0jk97p8gcm4qtmr95x38d2bw0emsthv4xmzd65tt5wv42vfd73w6gksbes81ht95vfpd7axbcwsq2cpyfmy08qy405b9wdrq0jc3gf9h75cjs1xrsts3dt05f5e1sxx8jz6zhaeh8wkm17xzk4pq84drd0r8g6h1483jq4fj4m4477pxzt7c5t6yaq7y9estqbhzm8qzj8v4w1xs8pmqsv0587daavk6frfyd4radsfcfcxk300zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2233382
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOwWoEtfmmhDHwbdqAgp8rzJhXHZTaan9MCuJQaeD4nwdq9fF296FpctDHL5gxj9MKZdrGihrsh%2B3ybEIAZfBoUNuk%2BmZRcNUvtTaxsqJqaX7TgZlLrfeEfCRi4CME78BG9cnA%2BuqvnLEzFR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 20 Sep 2022 03:24:43 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74cf35c1fe96baf9-MXP
cf-bgj
imgq:85,h2pri
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame E4B2
23 KB
23 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=3e4cd23045649660e8580399bfe577bd%2F2774580295719989684&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1663557883062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k25xz2w9r2cd8tbwstfbbn0886qqzndwak0jk97p8gcm4qtmr95x38d2bw0emsthv4xmzd65tt5wv42vfd73w6gksbes81ht95vfpd7axbcwsq2cpyfmy08qy405b9wdrq0jc3gf9h75cjs1xrsts3dt05f5e1sxx8jz6zhaeh8wkm17xzk4pq84drd0r8g6h1483jq4fj4m4477pxzt7c5t6yaq7y9estqbhzm8qzj8v4w1xs8pmqsv0587daavk6frfyd4radsfcfcxk300zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb4L6-uAnY9vgDfSKjuwPrPyN0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAHCrujdA8gBCakCQyYB0hDOsD6oAwGqBKsBT9AYiY9Yw-JKN2OzIhRNiJEdg_96pIoraEjb_rynbD00HmexYpkNlSNzEEhO7q7vFxXUvehke57KWAMnR9WV96OmWlIdbdRMxT3fQMApJInZVRtplgBCshX09Y8ubtbg5y93O0r1kyQN9PCG6qT6Fws4PDPhiU8WLsnJSWpK_jrDSzsk4QVpeEQPy79XuuODOu6DoPKQB9CuVQqMZGLqrf8UCuHeKDsjfnHpgAa30KrL2bTPoU2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3GCmfGIMGfrM5oPoy9Z1AbQzy-xg%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2274541
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULByIislaMj0Bj5Tj2lTnTYgoDgSu4hMgAMeWE59J%2F5b59cJP1vFQ%2Ff2ICEzs2TmDgEr7C%2B9yT9qcyLXyewlds476PAMP2%2BtxvZUqm04DHNfIrqg3PTg2tYY8mxgMz6vRqZobVDcBI1TpxsG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 20 Sep 2022 03:24:43 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74cf35c1ee95baf9-MXP
cf-bgj
imgq:85,h2pri
B25220131.345081615;dc_pre=CKOmxoX0n_oCFYuW_QcdP0AB-Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/ Frame E4B2
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKOmxoX0n_oCFYuW_QcdP0AB-Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
0
0

generate_204
tpc.googlesyndication.com/ Frame 4E1C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?RzPG6A
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2BBD
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?UtaPRw
Requested by
Host: reurl.cc
URL: https://reurl.cc/zZD6BDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:24:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKOmxoX0n_oCFYuW_QcdP0AB-Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0

Verdicts & Comments

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| Vue object| renews function| getRenewsFeeds string| labelToken string| category string| GoogleAnalyticsObject function| ga object| SD object| device function| sitemajiDebugger string| adUnitType object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| ElandTracker function| stfpjs function| cookie_mapping object| Scupioads function| hasOwnProperty object| scupiosdk object| criteo_syncframe_state object| hitag object| google_reactive_ads_global_state

29 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _ga
Value: GA1.2.1123884882.1663557877
.reurl.cc/ Name: _gid
Value: GA1.2.1075165339.1663557877
.reurl.cc/ Name: _gat
Value: 1
reurl.cc/ Name: CFFPCKUUID
Value: 6856-WTcPlRd5Ejb9cvi73df9EPrtkEgUAlej
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 7270-BU3Cjg8HuRmps1EBD7WeQ4OrdR5Ne4eC
.holmesmind.com/ Name: P
Value: 923580-OZn59FAmfEvvGHtb0QePz2ZKvWpcTKLr
.holmesmind.com/ Name: Vision
Value: 20220919-23:59,20220919-14,20220919-14,20220919-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: _fbp
Value: fb.1.1663557877582.297329232
.facebook.com/ Name: fr
Value: 03Z9UQC4y6Jyp96Ap..BjJ-D1...1.0.BjJ-D1.
.reurl.cc/ Name: __htid
Value: db15abf2-3b93-4438-888f-d016bbd373dc
.reurl.cc/ Name: _ht_hi
Value: 1
.reurl.cc/ Name: _ht_a546ca
Value: 1
.reurl.cc/ Name: _ht_50ef57
Value: 1
.hinet.net/ Name: uuid
Value: db15abf2-3b93-4438-888f-d016bbd373dc
.reurl.cc/ Name: _ht_em
Value: 1
.c.appier.net/ Name: _auid
Value: SRMxSCkZDQ21d5q29uAnYw
.doubleclick.net/ Name: IDE
Value: AHWqTUnhOK-H3AG2eW7PNff8ZZVKF6SlsnvKANe_dXjaapAt1h5eNlszIYC711ie20s
.criteo.com/ Name: uid
Value: a4b5e482-6fca-4d8e-8084-099a95a1fc17
.scupio.com/ Name: fxc
Value: 1
.scupio.com/ Name: OrgKeyValue
Value: CQA20220919112439203327
.scupio.com/ Name: gx
Value: H4sIAHdRKGMA%2fxNmYGDg4ua4t%2bHwuQn%2feqwFWIVYOOwFmAAxICwwFwAAAA%3d%3d
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.aralego.com/ Name: sspid
Value: 5859e14f-13ed-3c1f-b680-339ddb332fb5
.yahoo.com/ Name: A3
Value: d=AQABBPjgJ2MCEM246lr789A4JxJs0_QGMbsFEgEBAQEyKWMxYwAAAAAA_eMAAA&S=AQAAAg1nq1fEn6UMy-VC7txlnXs
.scupio.com/ Name: gxc
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://storage.re-news.tw/feeds
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGEo7N-X1fd2J6ekgwRt77c&google_cver=1&google_push=AZmPxg9514sK2aOL52Efu8b_Ms3TPVhHD__gKyPfnFWqrT_UH7KKqMD4LcAZ6mghQ6p6_phP_TdPLtRkpBni6_pTL_GSCqH9tm0
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
