urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reurl.cc/DlvRKj
Effective URL: https://reurl.cc/DlvRKj
Submission: On August 08 via manual from RS — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 3 countries across 30 domains to perform 90 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 248163.
TLS certificate: Issued by R10 on July 16th 2024. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
5 34.149.98.30 15169 (GOOGLE)
1 151.101.129.55 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
6 209.85.144.157 15169 (GOOGLE)
3 133.186.12.52 10010 (TOKAI TOK...)
2 168.95.246.1 131660 (CHTCDN Da...)
2 2a03:2880:f00... 32934 (FACEBOOK)
4 2607:f8b0:400... 15169 (GOOGLE)
2 107.178.241.176 396982 (GOOGLE-CL...)
3 2a03:2880:f10... 32934 (FACEBOOK)
2 34.160.26.175 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 103.1.220.9 131149 (YUANJHEN-...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.0.77.2 2635 (AUTOMATTIC)
1 2600:9000:20e... 16509 (AMAZON-02)
1 192.0.78.236 2635 (AUTOMATTIC)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 183.79.248.252 24572 (YAHOO-JP-...)
1 209.85.144.156 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 3.166.192.48 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2620:100:a00b::4 19750 (AS-CRITEO)
1 172.64.152.89 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 18.209.253.154 14618 (AMAZON-AES)
3 119.63.193.220 38627 (BAIDUJP B...)
4 173.194.175.156 15169 (GOOGLE)
7 173.194.204.138 15169 (GOOGLE)
1 119.63.198.189 38627 (BAIDUJP B...)
1 34.111.12.34 396982 (GOOGLE-CL...)
1 34.107.150.21 396982 (GOOGLE-CL...)
3 203.75.214.136 3462 (HINET Dat...)
3 119.63.198.143 38627 (BAIDUJP B...)
3 34.102.218.41 396982 (GOOGLE-CL...)
1 119.63.198.188 38627 (BAIDUJP B...)
3 34.96.83.10 396982 (GOOGLE-CL...)
1 34.160.218.201 ()
1 74.125.192.113 15169 (GOOGLE)
90 44
1    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    151.101.129.55 (San Francisco, United States)

ASN54113 (FASTLY, US)
anymind360.com
3    2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    209.85.144.157 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f157.1e100.net
securepubads.g.doubleclick.net
3    133.186.12.52 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p052.net133186012.broadline.ne.jp
cpt.geniee.jp
2    168.95.246.1 (Los Angeles, United States)

ASN131660 (CHTCDN Data Communication Business Group, TW)
PTR: 168-95-246-1.hinet-ip.hinet.net
ad-specs.guoshipartners.com
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2607:f8b0:400d:c00::65 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    107.178.241.176 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.241.178.107.bc.googleusercontent.com
onead.onevision.com.tw
3    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    34.160.26.175 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.26.160.34.bc.googleusercontent.com
re-news.tw
3    2607:f8b0:400d:c07::8b (Morganton, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    103.1.220.9 (Taiwan)

ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW)
PTR: 103-1-220-9.static.ip.net.tw
img.racingcharger.tw
1    2606:4700::6811:eec2 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
1    2600:9000:20ed:8600:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
1    192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
1    2607:f8b0:4004:c08::66 (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    183.79.248.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
yads.c.yimg.jp
1    209.85.144.156 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f156.1e100.net
securepubads.g.doubleclick.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    3.166.192.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-192-48.phl51.r.cloudfront.net
tags.crwdcntrl.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    2607:f8b0:400d:c03::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com
1    18.209.253.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-253-154.compute-1.amazonaws.com
bcp.crwdcntrl.net
3    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
4    173.194.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f156.1e100.net
pagead2.googlesyndication.com
7    173.194.204.138 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f138.1e100.net
fundingchoicesmessages.google.com
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
tw.popin.cc
1    34.111.12.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.12.111.34.bc.googleusercontent.com
ad.tagtoo.co
1    34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com
uec.tagtoo.co
3    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
3    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
3    34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com
ecs.tagtoo.co
1    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
3    34.96.83.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.83.96.34.bc.googleusercontent.com
event.tagtoo.co
1    34.160.218.201 (None, )

ASN- ()
ttd-cm.tagtoo.com.tw
1    74.125.192.113 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f113.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
analytics.google.com — Cisco Umbrella Rank: 238
76 KB
8 tagtoo.co
ad.tagtoo.co — Cisco Umbrella Rank: 222829
uec.tagtoo.co — Cisco Umbrella Rank: 257124
ecs.tagtoo.co — Cisco Umbrella Rank: 176779
event.tagtoo.co — Cisco Umbrella Rank: 189491
88 KB
8 popin.cc
api.popin.cc — Cisco Umbrella Rank: 10377
tw.popin.cc — Cisco Umbrella Rank: 114096
log.popin.cc — Cisco Umbrella Rank: 75223
r.popin.cc — Cisco Umbrella Rank: 77595
105 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
286 KB
7 googlesyndication.com
f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
63 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 248163
storage.reurl.cc — Cisco Umbrella Rank: 372191
7 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 86773
3 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
3 geniee.jp
cpt.geniee.jp — Cisco Umbrella Rank: 38665
55 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
310 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1256
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
13 KB
2 re-news.tw
re-news.tw
31 KB
2 onevision.com.tw
onead.onevision.com.tw — Cisco Umbrella Rank: 145316
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
76 KB
2 guoshipartners.com
ad-specs.guoshipartners.com — Cisco Umbrella Rank: 164062
22 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
58 KB
1 tagtoo.com.tw
ttd-cm.tagtoo.com.tw
161 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1594
7 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 992
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2913
8 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3616
1 KB
1 yimg.jp
yads.c.yimg.jp — Cisco Umbrella Rank: 32262
53 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 8496
1005 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 5176
17 KB
1 prnasia.com
mma.prnasia.com
24 KB
1 racingcharger.tw
img.racingcharger.tw
129 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 11046
41 KB
0 creditcards.com.tw Failed
creditcards.com.tw Failed
90 30
Domain Requested by
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
7 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
www.googletagmanager.com
5 storage.reurl.cc reurl.cc
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 event.tagtoo.co ecs.tagtoo.co
3 ecs.tagtoo.co ad.tagtoo.co
ecs.tagtoo.co
3 log.popin.cc reurl.cc
3 t.ssp.hinet.net api.popin.cc
t.ssp.hinet.net
3 api.popin.cc reurl.cc
api.popin.cc
3 f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.facebook.com reurl.cc
3 cpt.geniee.jp reurl.cc
cpt.geniee.jp
3 www.googletagmanager.com reurl.cc
www.googletagmanager.com
2 re-news.tw storage.reurl.cc
reurl.cc
2 onead.onevision.com.tw ad-specs.guoshipartners.com
2 connect.facebook.net storage.reurl.cc
connect.facebook.net
2 ad-specs.guoshipartners.com reurl.cc
2 cdn.jsdelivr.net reurl.cc
1 ttd-cm.tagtoo.com.tw uec.tagtoo.co
1 r.popin.cc reurl.cc
1 uec.tagtoo.co api.popin.cc
1 ad.tagtoo.co api.popin.cc
1 tw.popin.cc api.popin.cc
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 yads.c.yimg.jp cpt.geniee.jp
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 blog.alphaloan.co reurl.cc
1 static.wixstatic.com reurl.cc
1 i0.wp.com reurl.cc
1 mma.prnasia.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 anymind360.com reurl.cc
1 reurl.cc
0 creditcards.com.tw Failed reurl.cc
90 41

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R10		 2024-07-16 -
2024-10-14		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
storage.reurl.cc
WR3		 2024-07-27 -
2024-10-25		 3 months crt.sh
anymind360.com
R10		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.geniee.jp
GeoTrust TLS RSA CA G1		 2024-07-30 -
2025-08-30		 a year crt.sh
ad-specs.guoshipartners.com
Go Daddy Secure Certificate Authority - G2		 2024-01-02 -
2025-01-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-17 -
2024-08-15		 3 months crt.sh
onead.onevision.com.tw
R10		 2024-07-10 -
2024-10-08		 3 months crt.sh
wp.re-news.tw
WR3		 2024-07-08 -
2024-10-06		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2024-06-07 -
2024-09-05		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-27 -
2024-11-23		 6 months crt.sh
tls.automattic.com
E5		 2024-07-23 -
2024-10-21		 3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2024-07-02 -
2025-08-01		 a year crt.sh
invstatic101.creativecdn.com
WR3		 2024-06-18 -
2024-09-16		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
oa.openxcdn.net
WR3		 2024-07-18 -
2024-10-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-27 -
2024-09-24		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.popin.cc
Secure Site Pro CA G2		 2023-09-27 -
2024-10-27		 a year crt.sh
ad.tagtoo.co
WR3		 2024-06-27 -
2024-09-25		 3 months crt.sh
uec.tagtoo.co
WR3		 2024-07-05 -
2024-10-03		 3 months crt.sh
*.t.ssp.hinet.net
 2024-03-11 -
2025-03-11		 a year crt.sh
ecs.tagtoo.co
WR3		 2024-07-29 -
2024-10-27		 3 months crt.sh
*.tagtoo.co
Go Daddy Secure Certificate Authority - G2		 2024-04-29 -
2025-05-31		 a year crt.sh
*.tagtoo.com.tw
Go Daddy Secure Certificate Authority - G2		 2024-04-14 -
2025-05-16		 a year crt.sh

This page contains 7 frames:

Primary Page: https://reurl.cc/DlvRKj
Frame ID: 2852F091CFF0C77D0AB4A13BD4183970
Requests: 60 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 3BB187E3D35BE2585E76D19CA91F671E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 602A9CE1A399ECC773DE98D413223D08
Requests: 1 HTTP requests in this frame

Frame: https://f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8CAE8A4D2F1F524B75548FD4C0C2F815
Requests: 1 HTTP requests in this frame

Frame: https://f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EFBE3BDB8F2EE780EA8A9AE17A2C3DBA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtoR4bWvjKC36dMuxmcfMgLUpgjK-FlQGrBO4z5JQhVixaiooiBNNtSdBj52TFD_RVQX3yPNK-JH-Lv-1dlg2szICC5Gw-eD-T2amtX-JCQYzYEBpRkbcD2SK1Y4fGRemQjO0vvJHeYRgnKSLh529ESOnRJpXzkuQFPcXbX3mHjhJtxtuGsijNzOLGLS4qwzyJ32G_pfUsDhlQvrUVyImje2pi8LmnIyLDAh2kEElvp0cMlxUL4BmOQF_AEacRv3osWiDfdrWNixF2dh9eVKmsFiN5Sgn6mO15Rxg1uNxwJeLT6O7yXlkU3jcS43qytasVH4fTxOSoXMiIKZ6ArTvlQmTZXsGvy76fchmNdGPkkxxNtqSnj1OCFp6OO3x3Wp-6nI7liA&sai=AMfl-YTKvjWEycvnyvtaSdVDkQdzFEduNlCYvGQO0b0SugWSxysVAyXt7XBtG-SYTxiWuYablA_Vtkll3t3jD1o3-khYl51_Kx-aYGicrdmnP6P5WHnq4qknpALDNCDzDDkBbp8KGJaq3gvV9MDogNCB3Q4&sig=Cg0ArKJSzN1VG4M-PjTgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 5660F619810C1D50E2F90431A8C4E7D4
Requests: 25 HTTP requests in this frame

Frame: https://f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F1B94222F947FCA457F24DA78A7DA02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

URL Shortener - reurl

Page URL History Show full URLs

  1. http://reurl.cc/DlvRKj HTTP 307
    https://reurl.cc/DlvRKj Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

90
Requests

99 %
HTTPS

28 %
IPv6

30
Domains

41
Subdomains

44
IPs

3
Countries

2697 kB
Transfer

5716 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reurl.cc/DlvRKj HTTP 307
    https://reurl.cc/DlvRKj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request DlvRKj
reurl.cc/
Redirect Chain
  • http://reurl.cc/DlvRKj
  • https://reurl.cc/DlvRKj
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ef94014f66ef80478d6778ca742c20149a887d566c241a70df892c0f069495ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Aug 2024 07:54:09 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://cdn.discordapp.com/attachments/1270727831344906294/1270727970469707838/newnewnewnewnewnewnewnewVID_20240719_compressed_1_online-video-cutter.com_compressed_1_2.mp4?ex=66b4c125&is=66b36fa5&hm=a25e732592aee5547e445f969e38af9de8d0471cb7f15acdc46ff8a7b536f76a&
vary
Accept-Encoding Origin
x-request-id
5f0fa4a8-db37-47a1-a371-37b376c46de1

Redirect headers

Location
https://reurl.cc/DlvRKj
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 08 Aug 2024 07:54:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
3807173
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-mia-kmia1760084-MIA
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 01:14:00 GMT
content-encoding
gzip
via
1.1 google
age
24009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
83d1f46c-3138-42a2-bc4d-82bf3e02496b
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/ 		170 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
eeb28450fdbef7b4cf78391f932bfb87bb7e8f8fa3854bfcf5bad6d7d13f442e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
69, 0
date
Thu, 08 Aug 2024 07:54:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
25348
x-guploader-uploadid
AHxI1nNKJriCR8R5JEVYxJkZNMUe2cuaTEdr5PyQZc7xRTKPt0AAo9ZjfS9prElhrh_WtUxNTEP7kRqUtQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41740
x-served-by
cache-tyo11954-TYO, cache-mia-kmia1760081-MIA
last-modified
Mon, 03 Jun 2024 07:21:04 GMT
server
UploadServer
x-timer
S1723103650.501211,VS0,VE488
etag
"0e0a1dc9fe664e3ab200426f1def4e4e"
vary
Accept-Encoding
x-goog-generation
1717399264559337
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=fI7CAQ==, md5=Dgodyf5mTjqyAEJvHe9OTg==
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41740
accept-ranges
bytes
expires
Wed, 07 Aug 2024 00:50:42 GMT
pixel.js
storage.reurl.cc/javascripts/ 		429 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 06:48:50 GMT
content-encoding
gzip
via
1.1 google
age
3920
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
x-request-id
4b51509b-9926-4cd0-9484-a7cfa65a6a7e
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ga2.js
storage.reurl.cc/javascripts/ 		536 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 01:03:06 GMT
content-encoding
gzip
via
1.1 google
age
24664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-request-id
eb725668-0ee8-47a6-9886-0c37cccefc53
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		307 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39e740625ab759d5f275b6b559a2094e2ee96a704bbe3d01de1679c23d8db4c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104077
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Aug 2024 07:54:10 GMT
js
www.googletagmanager.com/gtag/ 		313 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2921515fb91f18916a2b8aff6c3140edf07d6218d57d04778068cff819b49cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106387
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Aug 2024 07:54:10 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
12526e3cd5b68567e4f04f1e7341ddf33d68162f0954090823f19271ad63e59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32238
x-xss-protection
0
server
cafe
etag
148 / 19943 / 31085955 / config-hash: 4825155690521937780
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 08 Aug 2024 07:54:10 GMT
wrapper.min.js
cpt.geniee.jp/hb/v1/219632/1441/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.52 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p052.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
bf91e4f9f62d08f4bac63bd2ab68280a5513249b3896d0982f28aa69e25c34c0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2024 12:03:54 GMT
server
nginx
etag
W/"66b362aa-2363"
content-type
application/javascript
cache-control
max-age=3600, private
cross-origin-resource-policy
cross-origin
expires
Thu, 08 Aug 2024 08:54:10 GMT
ad-serv.min.js
ad-specs.guoshipartners.com/static/js/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.95.246.1 Los Angeles, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-246-1.hinet-ip.hinet.net
Software
HiNetCDN/2405 / OneAD
Resource Hash
9e46144e70508e349c9e0c94ab439412da135aecc8c3409b7f8c35503c984c2c

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
via
1.1 google
content-encoding
br
age
0
x-powered-by
OneAD
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Tue, 09 Jul 2024 05:51:05 GMT
server
HiNetCDN/2405
etag
W/"668ccfc9-b33c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-varnish
1704881
cache-control
public, max-age=360
access-control-allow-credentials
true
onead-lib.min.js
ad-specs.guoshipartners.com/static/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/onead-lib.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.95.246.1 Los Angeles, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-246-1.hinet-ip.hinet.net
Software
HiNetCDN/2405 / OneAD
Resource Hash
71f5d274b99ffcbfbc7251fd4927c243179c8b0b1154e93247f4a73f3d7b6ec7

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
via
1.1 google
content-encoding
br
age
0
x-powered-by
OneAD
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Tue, 23 Jul 2024 03:14:29 GMT
server
HiNetCDN/2405
etag
W/"669f2015-59a6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-varnish
590829
cache-control
public, max-age=360
access-control-allow-credentials
true
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 08 Aug 2024 07:54:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
551083
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-mia-kmia1760084-MIA
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/ 		404 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
22743d9dc93a38d7096ec7c9a02146da7a721ada15192d87e81d78ff53cb2f2a

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 00:13:27 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Jul 2024 09:45:35 GMT
age
27642
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-request-id
24a265b7-6364-4061-a2a9-d01e3257e8bb
loading.js
storage.reurl.cc/javascripts/ 		134 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 03:27:29 GMT
content-encoding
gzip
via
1.1 google
age
16000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
75f5e77c-fc28-4dec-9e65-8e436490cfa4
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 08 Aug 2024 07:54:10 GMT
document-policy
force-load-at-top
x-fb-server-load
20
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=12, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
XHFVXqa51sdosdOgVwcw306lcPesBMPbBHZXnhBLfCAqNxwbrGsLsBV0BlIJFW3XhwRUyLo6q7hKsKmvT9zlHg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 08 Aug 2024 07:46:10 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
480
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 08 Aug 2024 09:46:10 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/ 		473 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
ccee77f4b5d83cb6e274010848ee8baeefbb7d99199d78b22d798676591d36d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 10:14:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
77955
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151286
x-xss-protection
0
server
cafe
etag
16318545838041958494
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 07 Aug 2025 10:14:55 GMT
oid
onead.onevision.com.tw/v2/et/ 		371 B
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/et/oid?cb=window.text_etag_callback_4p0br
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0765230487b7ff2de24a672b702f5dda8c280bd8ef0f750193da44023c7464ad

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
via
1.1 google
age
0
x-powered-by
OneAD
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-backend
onead-http-event-vm0v-gohttp
content-length
371
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
last-modified
Thu, 08 Aug 2024 07:54:10 GMT
server
gws
etag
65802e0b-555b-11ef-8856-0242ac130002
content-type
application/javascript
access-control-allow-origin
*
x-varnish
6045002
cache-control
max-age=600
access-control-allow-credentials
true
x-onead-version
b435d042
accept-ranges
bytes
expires
Mon, 01 Jan 1990 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame 3BB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 07:54:10 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400673825733430744"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400673825733430744", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2776, tp=-1, tpl=-1, uplat=70, ullat=0
x-fb-debug
Sn1YO2d5iHvYqcv07CpwFzjnrmGfD/od7S0ZxYSvUrZJeOBjtIWIdpT7c2ZAzO2HOZivUhsCzTI24NOsAsgXtA==
x-fb-server-load
31
x-xss-protection
0
feeds
re-news.tw/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.26.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.26.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2d64196cd0752b69ecaae8a608e5d5e97d6123cfe4557d6b2c878161e3d9116a

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 06:34:10 GMT
via
1.1 google
age
4800
x-powered-by
Express
etag
W/"1966-YZ0vYWMZl2EYs8Mn7uo313cimfg"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6502
collect
www.google-analytics.com/j/ 		3 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1442370934&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FDlvRKj&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=697012651&gjid=1700298034&cid=1205502744.1723103650&tid=UA-102456694-1&_gid=687963343.1723103650&_r=1&_slc=1&z=583782532
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:54:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1442370934&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FDlvRKj&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MzguMTMyLjExOC43MA&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1205502744.1723103650&tid=UA-102456694-1&_gid=687963343.1723103650&z=1064075650
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 05:21:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9141
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZDFZCDVDK1&gtm=45je4851v9181474282za200&_p=1723103650053&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1205502744.1723103650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723103650&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FDlvRKj&dt=URL%20Shortener%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1891
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:54:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		313 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c82c1debb8f08292174e61cd88a6aed77638b87eafc43f60d8cb391181a2c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106432
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Aug 2024 07:54:10 GMT
128002626
fundingchoicesmessages.google.com/i/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/128002626?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1dd7a14984430cb6eb7dcef332a866ef535b1c9809a44c813b221d000083f2a9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-l3anNIkG6jb1pZhaF8hfoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-l3anNIkG6jb1pZhaF8hfoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQCzEw7Ho88WtbAI7Nmy8xqSkkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBhYKZnYBRfYAAA1uM93A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.26.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.26.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:02:48 GMT
via
1.1 google
last-modified
Wed, 10 Jul 2024 09:50:30 GMT
age
3082
x-powered-by
Express
etag
W/"5fad-1909c0d3670"
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24493
%E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2019/12/ 		0
0
202408070543054.jpg
img.racingcharger.tw/wp-content/uploads/2024/08/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2024/08/202408070543054.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.1.220.9 , Taiwan, ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW),
Reverse DNS
103-1-220-9.static.ip.net.tw
Software
Apache /
Resource Hash
79065d384d5ec4460762dae5a9f3270baa13c366d16d9dade0abff93196e519b

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
last-modified
Wed, 07 Aug 2024 05:43:11 GMT
server
Apache
accept-ranges
bytes
content-length
131910
content-type
image/jpeg
TOKEN2049_Singapore_Logo.jpg
mma.prnasia.com/media2/2476065/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2476065/TOKEN2049_Singapore_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:eec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b25c4079e5697ee92be2dd08ca93d0a45c2cfb7c4abea5e88a9281cabce3b61c

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
cf-cache-status
HIT
age
65759
x-powered-by
ASP.NET
server-timing
intid;desc=dd9e1eb788d29335
content-length
24149
cf-bgj
h2pri
last-modified
Wed, 07 Aug 2024 13:36:40 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8afdefd8ba2125b8-MIA
access-control-allow-headers
Content-Type
expires
Wed, 07 Aug 2024 13:36:41 GMT
2024072005495157.jpg
i0.wp.com/golike.tw/wp-content/uploads/2024/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2024/07/2024072005495157.jpg?resize=1024%2C535&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
731627e22c6c2e25154c9fd3dd3f51bc89185d16b8ec16c643d29a98a65657bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
16912
x-nc
HIT mia 2
last-modified
Fri, 26 Jul 2024 08:43:23 GMT
server
nginx
etag
"4caec1135a504686"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2024/07/2024072005495157.jpg>; rel="canonical"
expires
Sun, 26 Jul 2026 20:43:23 GMT
file.png
static.wixstatic.com/media/8d2acb_14291b4e7dcf40f1a7a32791a67c437a~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		1003 KB
1005 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/8d2acb_14291b4e7dcf40f1a7a32791a67c437a~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8600:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
0971a7a527ce94f3f46f03a77211ef80ee3f91cd9edce9bb4bafbbedfa005ce2

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 11:03:53 GMT
via
1.1 google, 1.1 a5f21c3d06407705927942b02b1d5048.cloudfront.net (CloudFront)
x-amz-cf-id
Ja950mLCKL-gvKmWU4yx3kEhNB19w1ZXLR_KeNeLCGijuOzYXN3eJw==
server
openresty/1.21.4.1
x-amz-cf-pop
PHL50-C1
age
3703817
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1027287
wix-tracer
2iPkvyP0gcSAE1ZZwVGFsVPpl4t
x-seen-by
image-manipulator-7848c6d757-s8nqm
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
strict-transport-security
max-age=31536000
x-ac
3.mia _atomic_dca HIT
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
184823
expires
Thu, 13 Jun 2024 20:31:25 GMT
1675200226052423
connect.facebook.net/signals/config/ 		73 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.164&r=stable&domain=reurl.cc&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e823debde751c0ae7879aa68f2a6298a405bc7b08ccd6f48afbc7c9899f0b7f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 08 Aug 2024 07:54:10 GMT
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16070
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=64, mss=1297, tbw=64393, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
qx6U6g5RBm6Z0r42JcPAgZ+ekejJRsZH4x/1ItcUJ8IS2tiKdJ2qxWnBvHcalrinaqcP+SXwwla7fNoBhShHAw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je4851v897965293za200zb9181474282&_p=1723103650053&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1205502744.1723103650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723103650&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FDlvRKj&dt=URL%20Shortener%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2039
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:54:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1205502744.1723103650&gtm=45je4851v897965293za200zb9181474282&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:54:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1723103650653&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723103650649.529936812956485470&cs_est=true&pm=1&hrl=76bb62&ler=empty&cdl=API_unavailable&it=1723103650563&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2832, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 08 Aug 2024 07:54:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1723103650653&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723103650649.529936812956485470&cs_est=true&pm=1&hrl=76bb62&ler=empty&cdl=API_unavailable&it=1723103650563&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 08 Aug 2024 07:54:10 GMT
document-policy
force-load-at-top
x-fb-server-load
23
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400673825195276699", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=3145, tp=-1, tpl=-1, uplat=44, ullat=0
pragma
no-cache
x-fb-debug
N4QgZugueOjqAanvzrs+2uFw4Pru5oUtKUYXph4gbw8MSPbOCX+EfTdlN77IuAfa2AF3EMIBLvX64YjxOns7Nw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400673825195276699"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsrv
onead.onevision.com.tw/v2/ 		176 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/adsrv?version=20130731&category=&cookie=true&uid=1000480&ad_id=&ip=&channel=0&volume=0.5&response_freq_multiple=native-drive.0&dedicated_pid=&web_location=https%3A%2F%2Freurl.cc%2FDlvRKj&r=&title=URL%20Shortener%20-%20reurl&guid=65802e18-555b-11ef-8856-0242ac130002&fp=11d55d723c82db3188b22564d7f1ec57&_t=1723103650664&bgid=0&cb=ONEAD_text_response_4p0br&spid=
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
443509ad2852999c6d62f4a1e34ddcd91d5bfad80ee23cfa039ca942f3027414

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
via
1.1 google
age
0
x-powered-by
OneAD
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-hit-counter
1
x-onead-backend
onead-http-query-pc4x-gohttp
content-length
176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
gws
x-onead-guid
65802e18-555b-11ef-8856-0242ac130002
content-type
application/javascript
x-varnish
69607
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-onead-force-backend
false
x-onead-version
b435d042
accept-ranges
bytes
expires
Mon, 01 Jan 1990 00:00:00 GMT
yads-async.js
yads.c.yimg.jp/js/ 		186 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.248.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
e27689f3e1c898d9148fac7a1ea74ddbe218aba35849ff4e24ba05d3b07f3d86

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 08 Aug 2024 07:53:37 GMT
content-encoding
gzip
last-modified
Mon, 05 Aug 2024 06:35:25 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
1aa928db-b0ab-44ef-927b-259058e17f62
age
34
etag
"ca36279777fbc7c22694de28ec78c1c0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
53878
gnshbrequest-v3.17.3.js
cpt.geniee.jp/hb/v1/lib/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v3.17.3.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.52 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p052.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
6931528f2e8c2fecf67ced7e34874f015cb86d14861543bb8f4b57be7079445a

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Aug 2024 07:13:09 GMT
server
nginx
etag
W/"66b47005-2343e"
content-type
application/javascript
cache-control
max-age=86400, private
cross-origin-resource-policy
cross-origin
expires
Fri, 09 Aug 2024 07:54:10 GMT
AGSKWxXAAUPRZ-9CP3F7bLBegbWipqttPkwdxLHEQY4w_T6v-6bLyszkuX5CHib9ohCBCyxs9fYA6UZ7WCf2ZWZcmwGBmsxyEHPC1q44Hi0g67Xtk48L2Xm8xiaTL85BqhmcToGl5Bu_ZA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXAAUPRZ-9CP3F7bLBegbWipqttPkwdxLHEQY4w_T6v-6bLyszkuX5CHib9ohCBCyxs9fYA6UZ7WCf2ZWZcmwGBmsxyEHPC1q44Hi0g67Xtk48L2Xm8xiaTL85BqhmcToGl5Bu_ZA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMTAzNjUwLDkwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZXVybC5jYy9EbHZSS2oiLG51bGwsW1s4LCJfQUlfM0ZBLUlEdyJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODhdLG51bGwsMTJdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ff57c3aff43b38bfea1659ef8ebb63b7d3782598a485de8a0c73d09ea2bd65a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PYN6n1aduapYSjFpgZvJnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PYN6n1aduapYSjFpgZvJnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1pBiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BeHr9Jdb5QLz34yXWo0AsxMOx6PPFrWwCLz5NPsaspJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgYWCmZ2AUX2AAANcJQyE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 602A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1747
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 07:25:04 GMT
expires
Thu, 08 Aug 2024 08:15:04 GMT
last-modified
Mon, 05 Aug 2024 19:44:26 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
via
1.1 google
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
etag
cd19e0900da0cdbc6697310fd9330fb6
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
dd5d66d26f4209449ad215c5ac3cc88a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.192.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-192-48.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ab6a80f08f72f0a47856fdbfe7e52033241a90ca535d580fb0804f699cbab79

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 10:40:58 GMT
content-encoding
gzip
via
1.1 fe74f3ccfbd9d104594063bce27ccdf0.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jul 2024 19:29:30 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P2
age
76394
x-amz-server-side-encryption
AES256
etag
W/"3abe05c75d17416205a8d140e793bf74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
fyt7fbjDrA_X_CmQPK3y2uajQnkaSpq27h2QddRhXOmPO694NOoATw==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 09:33:33 GMT
content-encoding
gzip
age
1549238
x-guploader-uploadid
ACJd0Nqi6kElivjaKgHfVDDpFCSQGMdOdRvlSGAg5Mr3siMZUIPV6upWXBA-YXtq5tF_lV-qFLQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 21 Jul 2025 09:33:33 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 Jul 2024 14:14:53 GMT
server
nginx
etag
W/"668fe8dd-a6cc"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Aug 2024 07:54:11 GMT
ob.js
cdn-ima.33across.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c028be06e7b67ab8124b1e546683f243b82dafb79a4dd026c818c00b4cf86590

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Aug 2024 14:55:17 GMT
server
cloudflare
age
146772
etag
W/"66b23955-43fe"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8afdefdb18504988-MIA
expires
Sun, 11 Aug 2024 07:54:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		369 KB
106 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=481044761484875&correlator=519976000536611&eid=31079957%2C31085908%2C31085772%2C31085955%2C31084180%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408060101&ptt=17&impl=fifs&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13848%2C18535%2C13856%2C13860%2C14209%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=300x250%2C1x1%7C320x480%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100%2C300x250&ifi=1&didk=3663017418~954026992~3220679602~2335188262~1073006158~4279657583&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1723103650932&lmt=1723103650&adxs=1005%2C-9%2C245%2C-9%2C-9%2C625&adys=171%2C-9%2C171%2C-9%2C-9%2C171&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C-1%7C-1%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FDlvRKj&vis=1&psz=380x250%7C0x-1%7C380x250%7C0x-1%7C0x-1%7C380x250&msz=350x250%7C0x-1%7C350x250%7C0x-1%7C0x-1%7C350x250&fws=0%2C2%2C0%2C2%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723103649387&idt=1083&cust_params=url%3D%252FDlvRKj%26ref%3Dnull&adks=1451399479%2C4066066610%2C827794272%2C3475397127%2C3271617715%2C3242553145&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
b676acf278a2a21e87b61f32d7cb17f0c3c150b5e72c7a0ddcca80621f66b408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108184
x-xss-protection
0
google-lineitem-id
-1,-1,6424070779,6690069789,6499557592,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138456634296,138468304473,138462658624,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=481044761484875&correlator=519976000536611&eid=31079957%2C31085908%2C31085772%2C31085955%2C31084180%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408060101&ptt=17&impl=fifs&gdpr=0&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1%2CTW_reurl.cc_res_allsite_top_avs&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%7C336x280%7C1x1%2C1x1&ifi=7&didk=3347717449~2825456951&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1723103650945&lmt=1723103650&adxs=15%2C800&adys=33%2C171&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FDlvRKj&vis=1&psz=1570x0%7C1600x0&msz=1570x0%7C1600x0&fws=0%2C0&ohw=0%2C0&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQY7sjsh5MySABSAghkEhsKDDMzYWNyb3NzLmNvbRjuyOyHkzJIAFICCGQSFwoIcnRiaG91c2UY7cjsh5MySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGO7I7IeTMkgAUgIIZBIUCgVvcGVueBjuyOyHkzJIAFICCGQ.&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723103649387&idt=1083&cust_params=url%3D%252FDlvRKj%26ref%3Dnull&adks=3936558959%2C940499867&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
a90168b20862be8b8e0d56dfc1b7a05f120b9bbd7f66c8aed254c7cd81b61d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
372
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8CAE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 07:54:11 GMT
expires
Thu, 08 Aug 2024 07:54:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWXU0Sd5hayQ_lV58DkjbHpNlbClSL5baMxcwP4zKtHmnrXC0KUceXEjLMIlDJ6tacTwKisg_vZmZ2r93R3T2jSejHhXkzWyIjWdWw-i-rDWyKT5rtCam5qR0SCWmDMiT2ovKX2Jw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWXU0Sd5hayQ_lV58DkjbHpNlbClSL5baMxcwP4zKtHmnrXC0KUceXEjLMIlDJ6tacTwKisg_vZmZ2r93R3T2jSejHhXkzWyIjWdWw-i-rDWyKT5rtCam5qR0SCWmDMiT2ovKX2Jw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMTAzNjUwLDk5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcmV1cmwuY2MvRGx2UktqIixudWxsLFtbOCwiX0FJXzNGQS1JRHciXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTg4XSxudWxsLDEyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2cc7a1ccf414cfa62412a2485155b8e4e387b6f3e4392d97b27baa2e8188a80
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-g6bcJ88JDCXJR6GQRjSMzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-g6bcJ88JDCXJR6GQRjSMzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFuDkWf764lU2gY_YhUSWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTAwsDMz0Do_gCAwBSkz80"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		156 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.253.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-253-154.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2ec8e8bdfb26b7fe36ba4004a2dfbf9c10278d72ead0a3b8821ad7ea7f60bcd2

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:54:11 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.40.3.249
access-control-allow-credentials
true
content-length
156
expires
0
policy-check
cpt.geniee.jp/hb/v1/ 		12 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/policy-check?loc=https%3A%2F%2Freurl.cc%2FDlvRKj&list_id=mid-219632&gam_id=gam-424536528%2Cgam-0
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v3.17.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.52 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p052.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Aug 2024 07:54:11 GMT
cache-control
max-age=10800, private
cross-origin-resource-policy
cross-origin
server
nginx
content-length
12
content-type
application/json
container.html
f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EFBE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 07:54:11 GMT
expires
Thu, 08 Aug 2024 07:54:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5660 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtoR4bWvjKC36dMuxmcfMgLUpgjK-FlQGrBO4z5JQhVixaiooiBNNtSdBj52TFD_RVQX3yPNK-JH-Lv-1dlg2szICC5Gw-eD-T2amtX-JCQYzYEBpRkbcD2SK1Y4fGRemQjO0vvJHeYRgnKSLh529ESOnRJpXzkuQFPcXbX3mHjhJtxtuGsijNzOLGLS4qwzyJ32G_pfUsDhlQvrUVyImje2pi8LmnIyLDAh2kEElvp0cMlxUL4BmOQF_AEacRv3osWiDfdrWNixF2dh9eVKmsFiN5Sgn6mO15Rxg1uNxwJeLT6O7yXlkU3jcS43qytasVH4fTxOSoXMiIKZ6ArTvlQmTZXsGvy76fchmNdGPkkxxNtqSnj1OCFp6OO3x3Wp-6nI7liA&sai=AMfl-YTKvjWEycvnyvtaSdVDkQdzFEduNlCYvGQO0b0SugWSxysVAyXt7XBtG-SYTxiWuYablA_Vtkll3t3jD1o3-khYl51_Kx-aYGicrdmnP6P5WHnq4qknpALDNCDzDDkBbp8KGJaq3gvV9MDogNCB3Q4&sig=Cg0ArKJSzN1VG4M-PjTgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Aug 2024 07:54:11 GMT
cf_reurl_tw_gam.js
api.popin.cc/searchbox/ Frame 5660 		128 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
4f847a3c200bef99c96aa5933cb3e644573bc1d326f117812031381830f58b7e

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 07:54:12 GMT
x-amz-version-id
kHIiRgSTwDSqkOiYc7XUHfapAfBgeCDV
Content-Encoding
gzip
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Last-Modified
Thu, 25 Jul 2024 08:05:31 GMT
Server
nginx
ETag
W/"6ad419cc35504ef8d5ba12eda8c21aaa"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Expires
Thu, 08 Aug 2024 08:54:12 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5660 		203 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
cafe /
Resource Hash
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:44:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64474
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 08 Aug 2024 08:44:56 GMT
container.html
f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F1B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 07:54:11 GMT
expires
Thu, 08 Aug 2024 07:54:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bnr_ad_
fundingchoicesmessages.google.com/f/AGSKWxUij3wAarr0W946MLmnxRqMpViPSprT7VXL6onqkwyIAYkL20lOT9u97-T2fvzGT1IDkMbQ2ypf0W7vDz3dlyob0RAwEkkY5m4D1SH4rtWLi44ED1Hjv0nV0h8TeKggGpqmSA2ECvaH2wAbNirMsMkUFot9Y... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUij3wAarr0W946MLmnxRqMpViPSprT7VXL6onqkwyIAYkL20lOT9u97-T2fvzGT1IDkMbQ2ypf0W7vDz3dlyob0RAwEkkY5m4D1SH4rtWLi44ED1Hjv0nV0h8TeKggGpqmSA2ECvaH2wAbNirMsMkUFot9Ygxt1wzJih3TO6iYlUUZ5JrTeg8xtAtO/_/defersds./hw-ads./ad-utilities./ad-identifier./bnr_ad_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw722AxF2pldMwnOPD84NaQklHqCA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f138.1e100.net
Software
ESF /
Resource Hash
23f70fc4df73cce6979302e6c74889021b10de67be5c040492489decb094fc9c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UovXblJ4qZ6vZN4bPk9cYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UovXblJ4qZ6vZN4bPk9cYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQCzEw7H488WtbAIb-vreMylpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGFgYmOkZGMUXGAAAxZE9mw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw722AxF2pldMwnOPD84NaQklHqCA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:44:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 08 Aug 2024 08:44:19 GMT
AGSKWxVD05yWgetzDN7kuBdcEQ2cQ3k9oK0NMmOA4y72BHIGcvHpruYxiCOawTXLcqMzDNwDp4jbzJ3vP_XLRniSRyYSEp8MYX2xnvTUw90wRDZCpzzfqWzCo3wd1FczWGm8BVKNiPnOxg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVD05yWgetzDN7kuBdcEQ2cQ3k9oK0NMmOA4y72BHIGcvHpruYxiCOawTXLcqMzDNwDp4jbzJ3vP_XLRniSRyYSEp8MYX2xnvTUw90wRDZCpzzfqWzCo3wd1FczWGm8BVKNiPnOxg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J6hgstLHmKWmKvr-b7cYww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-J6hgstLHmKWmKvr-b7cYww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw05BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEQjwciz9f3Mom8ONz-2xmJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGFgpmdgFl9gAABO4jKM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVD05yWgetzDN7kuBdcEQ2cQ3k9oK0NMmOA4y72BHIGcvHpruYxiCOawTXLcqMzDNwDp4jbzJ3vP_XLRniSRyYSEp8MYX2xnvTUw90wRDZCpzzfqWzCo3wd1FczWGm8BVKNiPnOxg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVD05yWgetzDN7kuBdcEQ2cQ3k9oK0NMmOA4y72BHIGcvHpruYxiCOawTXLcqMzDNwDp4jbzJ3vP_XLRniSRyYSEp8MYX2xnvTUw90wRDZCpzzfqWzCo3wd1FczWGm8BVKNiPnOxg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wpZ4_BBkj7DHDsnSTAgT1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wpZ4_BBkj7DHDsnSTAgT1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw15BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEQjwciz9f3MomsOHh1NnMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwMLATM_ALL7AAAA9FDJJ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5660 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:54:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 5660 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
352cd8ea585a95b5b9a31a6ee6f0297f1323d658cadbe7437402149bae56f8a8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxVD05yWgetzDN7kuBdcEQ2cQ3k9oK0NMmOA4y72BHIGcvHpruYxiCOawTXLcqMzDNwDp4jbzJ3vP_XLRniSRyYSEp8MYX2xnvTUw90wRDZCpzzfqWzCo3wd1FczWGm8BVKNiPnOxg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVD05yWgetzDN7kuBdcEQ2cQ3k9oK0NMmOA4y72BHIGcvHpruYxiCOawTXLcqMzDNwDp4jbzJ3vP_XLRniSRyYSEp8MYX2xnvTUw90wRDZCpzzfqWzCo3wd1FczWGm8BVKNiPnOxg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A_TWSDiV5PZBU8NkroV3ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A_TWSDiV5PZBU8NkroV3ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw0JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEQjwciz9f3MomcGHV28XMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwMLATM_ALL7AAABKZjKD"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVD05yWgetzDN7kuBdcEQ2cQ3k9oK0NMmOA4y72BHIGcvHpruYxiCOawTXLcqMzDNwDp4jbzJ3vP_XLRniSRyYSEp8MYX2xnvTUw90wRDZCpzzfqWzCo3wd1FczWGm8BVKNiPnOxg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVD05yWgetzDN7kuBdcEQ2cQ3k9oK0NMmOA4y72BHIGcvHpruYxiCOawTXLcqMzDNwDp4jbzJ3vP_XLRniSRyYSEp8MYX2xnvTUw90wRDZCpzzfqWzCo3wd1FczWGm8BVKNiPnOxg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GexYtNnU4TyBUjoRHbDDxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GexYtNnU4TyBUjoRHbDDxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmII1pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEQjwciz9f3MomsOFQyyZmJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGFgpmdgFl9gAAA3vTI0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXhmRYZXVbDRPM1yzQufDbjelH2oCGzqNxhIZyX_L28u1QzsFfxXGHNXnWz1CLfohQVB-O2axCSUuKpbAlRb_VM_UarIqFiKcfNGBHeEQ8BBEXuOutIY3O703ylHLnOw1KcmgtdSg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXhmRYZXVbDRPM1yzQufDbjelH2oCGzqNxhIZyX_L28u1QzsFfxXGHNXnWz1CLfohQVB-O2axCSUuKpbAlRb_VM_UarIqFiKcfNGBHeEQ8BBEXuOutIY3O703ylHLnOw1KcmgtdSg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMTAzNjUxLDg0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yZXVybC5jYy9EbHZSS2oiLG51bGwsW1s4LCJfQUlfM0ZBLUlEdyJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODhdLG51bGwsMTJdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f138.1e100.net
Software
ESF /
Resource Hash
d08ed2366d744a4b07844cf6e167274145def5c5fe8c3d6d4de8ba52df9aa275
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dZwgw5RCGD95NoeT3t5npA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dZwgw5RCGD95NoeT3t5npA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0ZBiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BeHr9Jdb5QLz34yXWo0AsxMOx-PPFrWwCNx4fW8espJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgYWCmZ2AUX2AAANcPQx8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHRctJ4kssk3SCuHX2in1aQzQ1u60PQeF6I-c-syHX4_5fhHMrq_vloL0RLbLanc4oQyXCo24liIK7_CgkK-OQ3hhUlNWdkaJCDKmblXq7TcdXwiHXWJEQiLDj5B_7MEKj7nm-gw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHRctJ4kssk3SCuHX2in1aQzQ1u60PQeF6I-c-syHX4_5fhHMrq_vloL0RLbLanc4oQyXCo24liIK7_CgkK-OQ3hhUlNWdkaJCDKmblXq7TcdXwiHXWJEQiLDj5B_7MEKj7nm-gw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uIuRPaQzFoDslH_Om0sspQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Aug 2024 07:54:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-uIuRPaQzFoDslH_Om0sspQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmII0JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEQjwciz9f3Mom8GNy00VmJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGFgpmdgFl9gAABF5TJn"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
td_js_sdk_171.js
api.popin.cc/ Frame 5660 		68 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
3402df1af7b8665c51ac7e2d4fed5dc6cac147d61966672d9cf32a34acafedfe

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 07:54:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 May 2024 09:22:02 GMT
Server
nginx
ETag
W/"d7d7ebc58d77dc27a2c068acdf41021d"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-Status
HIT from 10.252.55.25
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 08 Aug 2024 08:54:12 GMT
recommend
tw.popin.cc/popin_discovery/ Frame 5660 		689 B
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Freurl.cc%2FDlvRKj&&device=pc&media=reurl.cc&extra=other&agency=popinag&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=22d3004389b9a249fd61723139652838&info=eyJ1c2VyX3RkX29zIjoib3RoZXIiLCJ1c2VyX3RkX29zX3ZlcnNpb24iOiIwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTI3LjAuMCIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ1c2VyX3RkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjcuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInVzZXJfdGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL0RsdlJLaiIsInVzZXJfdGRfcGF0aCI6Ii9EbHZSS2oiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiIiwidXNlcl90ZF91cmwiOiJodHRwczovL3JldXJsLmNjL0RsdlJLaiIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJyZXVybC5jYyIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE3MjMxMDM2NTI4MzksImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&uis=%7B%7D&callback=_p6_9cb7221d2750
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
24ec53d82a8b89e784dba9f0f3ac18686a49e4a0dd5e80e9a405720ae22afaf0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:13 GMT
cross-origin-resource-policy
cross-origin
server
nginx/1.13.5
content-length
689
content-type
application/javascript;charset=UTF-8
track.js
ad.tagtoo.co/media/ad/ Frame 5660 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.tagtoo.co/media/ad/track.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.12.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.12.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
88beb5bf3e366289b64941441bd3f1ee2b8e710348b75fbacbe040e2a884380f

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:14:56 GMT
content-encoding
gzip
via
1.1 google
age
2356
x-guploader-uploadid
AHxI1nNXNcKg6Y2q3U1TJA8PHmEk0rjpDXgVhXg64Twjwgf_tawK_XPc8aCr6EVAJhDbzw24mCc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1932
last-modified
Mon, 05 Aug 2024 07:20:30 GMT
server
UploadServer
etag
"26d5ae6192938ae3e8a194b9c2c5e4e6"
vary
Accept-Encoding
x-goog-generation
1722842429989231
x-goog-hash
crc32c=7fSpDw==, md5=JtWuYZKTiuPooZS5wsXk5g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
cache-control
public, max-age=3600
x-goog-stored-content-length
1932
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 08 Aug 2024 08:14:56 GMT
tuec.js
uec.tagtoo.co/ Frame 5660 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uec.tagtoo.co/tuec.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.150.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:04:50 GMT
content-encoding
gzip
age
2962
x-guploader-uploadid
AHxI1nOmEu4zp7CLaEV6aqZK8kX5hbgU8ObG3sn9PNAEXpOUQOj77xnN79YzmXW0L7RtRI3JBZ2VhDviVg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3770
last-modified
Tue, 12 Dec 2023 09:08:46 GMT
server
UploadServer
etag
"2fa133db50cd81d87b8ffb8729a6ab35"
vary
Accept-Encoding
x-goog-generation
1702372126688115
x-goog-hash
crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
content-type
application/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
3770
accept-ranges
bytes
utag.js
t.ssp.hinet.net/ Frame 5660 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:13 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
etag
W/"65e6c0fa-15e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 08 Aug 2024 08:04:13 GMT
popin_discovery5-min.js
api.popin.cc/ Frame 5660 		235 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
490591c52cd60da5e7055c5b77b7ec0b0e96c6035b62f9f2774992c6e2286969

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 07:54:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 May 2024 09:28:37 GMT
Server
nginx
ETag
W/"0592717d783f969588268cdc2474be05"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-Status
HIT from 10.252.55.25
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 08 Aug 2024 08:54:13 GMT
discoverylogs
log.popin.cc/log/popin_media/ Frame 5660 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjcuMC4wLjAgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL0RsdlJLaiIsImxvYyI6Imh0dHBzOi8vcmV1cmwuY2MvRGx2UktqIiwidGRfb3MiOiJvdGhlciIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjcuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInRkX29zX3ZlcnNpb24iOiIwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjcuMC4wIn0=&t=1723103652840
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:13 GMT
last-modified
Mon, 07 Jan 2019 09:48:08 GMT
server
nginx/1.13.5
etag
"5c332058-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
discoverylogs
log.popin.cc/log/popin_media/ Frame 5660 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9EbHZSS2oiLCJ1aWQiOiIyMmQzMDA0Mzg5YjlhMjQ5ZmQ2MTcyMzEzOTY1MjgzOCIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoib3RoZXIiLCJ0ZF9vc192ZXJzaW9uIjoiMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTI3LjAuMCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjcuMC4wLjAgU2FmYXJpLzUzNy4zNiJ9&t=1723103652843
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:13 GMT
last-modified
Mon, 07 Jan 2019 09:48:08 GMT
server
nginx/1.13.5
etag
"5c332058-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
3134.js
ecs.tagtoo.co/js/ Frame 5660 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/3134.js
Requested by
Host: ad.tagtoo.co
URL: https://ad.tagtoo.co/media/ad/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ceeac7ff25c02a525e7336f0bfa66e87c30fb53a2b722bfcc99f2a006ddd8d9c

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:00:27 GMT
content-encoding
gzip
age
3226
x-guploader-uploadid
AHxI1nNvF_JraraQSsCBsReP7RT9yuS49eQ09eq7vehw3RxV3-ajFhhty5rxS714xqdhaiWjbhV0fQqD0w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60491
last-modified
Mon, 05 Aug 2024 06:52:08 GMT
server
UploadServer
etag
"35d07d26e5f8822faecbb5afc8909f48"
vary
Accept-Encoding
x-goog-generation
1722840728310700
x-goog-hash
crc32c=clkHug==, md5=NdB9JuX4gi+uy7WvyJCfSA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=5400
x-goog-stored-content-length
60491
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 08 Aug 2024 08:30:27 GMT
unitrack.js
ecs.tagtoo.co/js/ Frame 5660 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/unitrack.js
Requested by
Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/3134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:36:35 GMT
content-encoding
gzip
age
1058
x-guploader-uploadid
AHxI1nONlPA6eWTceEDcD8QcssChMYs6Pl5z00rGHRHZH8ZvwaZtNJtdNrRK35WuKyq1kuvG-vE
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8725
last-modified
Wed, 17 May 2023 07:38:52 GMT
server
UploadServer
etag
"ccd513edbe3eb66c17d73c94d6462526"
vary
Accept-Encoding
x-goog-generation
1684309132134575
x-goog-hash
crc32c=Uh9iNA==, md5=zNUT7b4+tmwX1zyU1kYlJg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public,max-age=5400
x-goog-stored-content-length
8725
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Thu, 08 Aug 2024 09:06:35 GMT
discoverylogs
log.popin.cc/log/popin_media/ Frame 5660 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoyLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9EbHZSS2oiLCJ1aWQiOiIyMmQzMDA0Mzg5YjlhMjQ5ZmQ2MTcyMzEzOTY1MjgzOCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjNhNzlkMGU2LTJhZjMtNDU1NS1hNWU2LTM5YWExYTEwYzY2NCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9EbHZSS2oiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJyZXVybC5jYyIsInRkX3BhdGgiOiIvRGx2UktqIiwidGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL0RsdlJLaiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjcuMC4wIiwidGRfb3MiOiJvdGhlciIsInRkX29zX3ZlcnNpb24iOiIwLjAuMCIsImNsaWVudF9pZCI6IjNhNzlkMGU2LTJhZjMtNDU1NS1hNWU2LTM5YWExYTEwYzY2NCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1723103653625
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:13 GMT
last-modified
Mon, 07 Jan 2019 09:48:08 GMT
server
nginx/1.13.5
etag
"5c332058-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
log.gif
r.popin.cc/ Frame 5660 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=22d3004389b9a249fd61723139652838&url=https%3A%2F%2Freurl.cc%2FDlvRKj&t=1723103653629
Requested by
Host: reurl.cc
URL: https://reurl.cc/DlvRKj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:14 GMT
last-modified
Thu, 29 Aug 2019 01:59:39 GMT
server
nginx
etag
"5d67318b-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
/
t.ssp.hinet.net/ Frame 5660 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
33bb4a32b24f69fabec9d73f40277dd6db392f5fb9dac46cf42d390d918dbfe6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:13 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 5660 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=81228898-ba12-4600-9c7c-99f8494a1cd4
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:14 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
fp.min.js
ecs.tagtoo.co/js/ Frame 5660 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/fp.min.js
Requested by
Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:52:00 GMT
content-encoding
gzip
age
134
x-guploader-uploadid
AHxI1nOtVGQbAtCx9XfWm8vAnAvTsYzU3pPq4YVDxnubqK4miUVarc_pp5pylArSCXvPgosdcLzx6qPyyw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12950
last-modified
Thu, 16 Sep 2021 09:25:47 GMT
server
UploadServer
etag
"5d9159073c44e4858b07d4445a1adceb"
vary
Accept-Encoding
x-goog-generation
1631784347603860
x-goog-hash
crc32c=paC+Ww==, md5=XZFZBzxE5IWLB9REWhrc6w==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=300
x-goog-stored-content-length
12950
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 08 Aug 2024 07:57:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5660 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurv5rsqNePeRmiYjYKe-PJiaITDAwtnWxuXmqrLm2UNu7YkrXbI5GPCHH2uU_wLZr_g0QJSgpqO-7UkjuBWwdEGC0Z9wvRrHs8HFPnkA4O99w0v18YgI9kdg6Ljj-P1cwO1V6V4p9UqrA1UMSjSReLlLuS3Q-JYkAWRy6ZPDO8O-BCMab6JTTVjte6kUfZ0Tv7BHmQSf_8ELpubK3picPV-N2Nv7MOS0_xoH4Ap_s5KgqpsWsUx--IIffqPkYo1rxHau4TckwbHaY0TPHM0GV1kLAsfYvD3l3PWMWJQZqPwOYYBjsNnm51Hh2ckLx6RKjasAHhMThjCwWIro7QROFCQ2OG0iqevjw69dKGCC3diXQDBge9e22jAQ1IzdvJIRvuUu_AIybN&sai=AMfl-YTjj6oFcb0xVvIBOTxuFwrjjvF2inRuBVUoEt_1msRy801V0Nbcu47rmXvt45qVFzo5jD8HohZxVy9Dik4GE2PNXFC4BUOWOdRVN8RSqLroynEYOGD2C34taA21Y7hdpxQto0pmvoeHwJFnFCfTTgk&sig=Cg0ArKJSzG1idlLSU5rGEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Aug 2024 07:54:14 GMT
permanent
event.tagtoo.co/ Frame 5660 		48 B
113 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.tagtoo.co/permanent?fp=0b226c2368e2bd1d88d07b78d898b017
Requested by
Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash
929e09dd06ec347f9d742d18e1d61b8a0e9d0cb45a048b15d4d4d49fdc96d706

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-TOKEN
a5808d50cbd8897ace6b6b62abf51d37c19e599aea49012c32a74de228b9

Response headers

access-control-allow-origin
*
date
Thu, 08 Aug 2024 07:54:08 GMT
via
1.1 google
server
uvicorn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48
content-type
application/json
permanent
event.tagtoo.co/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.tagtoo.co/permanent?fp=0b226c2368e2bd1d88d07b78d898b017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-token
Access-Control-Request-Method
GET
Origin
https://reurl.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 08 Aug 2024 07:54:10 GMT
server
uvicorn
via
1.1 google
v1
event.tagtoo.co/event/ Frame 5660 		2 B
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://event.tagtoo.co/event/v1
Requested by
Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Aug 2024 07:54:09 GMT
via
1.1 google
server
uvicorn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
application/json
/
ttd-cm.tagtoo.com.tw/prn/uidm/ Frame 5660 		21 B
161 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=c8fea535d6db8ee9037f27ca466168ca&pid=1008&puid=22d3004389b9a249fd61723139652838&
Requested by
Host: uec.tagtoo.co
URL: https://uec.tagtoo.co/tuec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.218.201 -, , ASN (),
Reverse DNS
Software
gunicorn/19.9.0 /
Resource Hash
de8a41e157ef0da2ade162ac2dc3a95e99ae93f24be2e671deef7a0df9677c12

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:54:15 GMT
via
1.1 google
server
gunicorn/19.9.0
vary
Origin
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
activeview
pagead2.googlesyndication.com/pcs/ Frame 5660 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKxOadEG2VAzYXUVGtlhujYyt6IaFjW-rr_kKao6MBF9oqh32E-vu5nFqLtfJxvTIaEqQQVb8evXzYT6SHeAvDbusEI2GJxUmo1uP4IbmK-nQJupFAFVsrdGr_FI-qbzKm0LWWZIOisckJBfItC5lFIh1TpLB-yjc&sig=Cg0ArKJSzP3OzulR1q_nEAE&id=lidar2&mcvt=1000&p=172,270,422,570&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240805&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1903645100&rst=1723103651554&rpt=2767&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:54:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZDFZCDVDK1&gtm=45je4851v9181474282za200&_p=1723103650053&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1205502744.1723103650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1723103650&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FDlvRKj&dt=URL%20Shortener%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=10&tfd=6906
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://reurl.cc/DlvRKj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:54:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
creditcards.com.tw
URL
https://creditcards.com.tw/wp-content/uploads/2019/12/%E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| gtag object| dataLayer object| gnshbrequest function| custom_call_ND object| ONEAD_TEXT object| ONEAD_text_pubs function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga object| ggeac object| google_tag_data object| google_js_reporting_queue function| ONEAD_text_response object| ONEAD_TEXT_INFO function| ONEAD_text_response_4p0br function| text_etag_callback_4p0br function| custom_call_MIR object| _ONEAD object| ONEAD_pubs function| Vue object| renews function| getRenewsFeeds object| app object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| google_reactive_ads_global_state function| __gnSendWrapperJSBeacon object| __gn_config object| gnpb string| gn_pvid string| gn_native_template boolean| gnslibincluded number| gn_aladdin_vendor_id number| gn_beacon_rate object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YTk3NmUzMjkyZTQyZjBlNWxvYWRlcl9qcw== string| YTk3NmUzMjkyZTQyZjBlNWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state number| google_unique_id object| regeneratorRuntime object| ox_esp object| _33across object| criteo_pubtag object| criteo_identitytag_156 object| Criteo object| Criteo_identitytag_156 function| lotameIsCompatible function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ja object| sync16589_ka object| sync16589_r object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_ea function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_ga function| sync16589_fa function| sync16589_ha function| sync16589_ia function| sync16589_s function| sync16589_u function| sync16589_v function| sync16589_w function| sync16589_la function| sync16589_ma function| sync16589_x function| sync16589_na function| sync16589_y function| sync16589_z function| sync16589_t function| sync16589_B function| sync16589_oa function| sync16589_pa function| sync16589_qa function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_ra function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_J function| sync16589_L function| sync16589_K function| sync16589_M function| sync16589_N function| sync16589_I function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_O function| sync16589_P function| sync16589_ya function| sync16589_Q function| sync16589_za function| sync16589_Aa function| sync16589_Ba function| sync16589_R function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_Fa function| sync16589_S function| sync16589_Ga function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Ha function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_Ia function| sync16589_2 function| sync16589_Ka function| sync16589_Ja function| sync16589_3 function| sync16589_4 function| sync16589_La function| sync16589_Oa function| sync16589_Na function| sync16589_Ma function| sync16589_Qa function| sync16589_Sa function| sync16589_Pa function| sync16589_6 function| sync16589_Ra function| sync16589_Va function| sync16589_Ua function| sync16589_Ta function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Wa function| sync16589_Xa function| sync16589_Ya function| sync16589_Za function| sync16589_9 function| sync16589__a function| sync16589_$ function| sync16589_0a function| sync16589_1a function| sync16589_2a object| lotame_sync_16589 object| YJ_YADS function| getGnshbrequestSlots object| gecptparams boolean| 3dc5d4a1-dc26-42da-9979-a29e8e3de5a2 object| YAHOO function| YadsTimelineManager function| yadsTimelinePoolAds object| YJ_UADF function| gAdController function| yadsDispatchDeliverProduct function| yadsRenderAd_v2 object| yadsInnerFuncs function| yadsRequestAsync

32 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _gid
Value: GA1.2.687963343.1723103650
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.1205502744.1723103650
.reurl.cc/ Name: _ga_ZDFZCDVDK1
Value: GS1.1.1723103650.1.0.1723103650.0.0.0
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1723103650.1.0.1723103650.60.0.0
.reurl.cc/ Name: _fbp
Value: fb.1.1723103650649.529936812956485470
onead.onevision.com.tw/ Name: onevision_guid
Value: 65802e18-555b-11ef-8856-0242ac130002
onead.onevision.com.tw/ Name: oid
Value: 65802e0b-555b-11ef-8856-0242ac130002
reurl.cc/ Name: oid
Value: %257B%2522oid%2522%253A%252265802e18-555b-11ef-8856-0242ac130002%2522%252C%2522ts%2522%253A-62135596800%252C%2522v%2522%253A%252220201117%2522%257D
.prnasia.com/ Name: __cf_bm
Value: exoMJt5mWq1LoaLkAKglZchiXW0oThAkE_HP180VCP4-1723103650-1.0.1.1-vwXu6dBHTlrHP0Fodm5ZuP4CllVfmM2fuL3Yce6w2Ardy0q1V0FVG30.92qglgknD3xIvBGEH.48eXNVVDWCCQ
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 3752281edd8e4df967bf29cc84ada23d
.reurl.cc/ Name: _cc_id
Value: 3752281edd8e4df967bf29cc84ada23d
.reurl.cc/ Name: panoramaId_expiry
Value: 1723190051341
.reurl.cc/ Name: __gads
Value: ID=37c2fdc20b351f41:T=1723103650:RT=1723103650:S=ALNI_MbtfmShYU7XqlF9lS8raTLxtlXogg
.reurl.cc/ Name: __gpi
Value: UID=00000ec828baf3f5:T=1723103650:RT=1723103650:S=ALNI_Mbj5dYQtfxKf1A8COBBT3_0KTc7fA
.reurl.cc/ Name: __eoi
Value: ID=16f52d26b8c20f9b:T=1723103650:RT=1723103650:S=AA-AfjYBHx8XJTpGHqENT8avEQX3
.doubleclick.net/ Name: IDE
Value: AHWqTUlY_errpPejoj2TVWJ4bJ1vyu4Oux30ULGzQpGlnI_JVokVU5HVUEMoTFVp
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMPS
Value: 1538
.reurl.cc/ Name: FCNEC
Value: %5B%5B%22AKsRol9CQiJzimCvBO3xY77Xy_WoS-pCfrkekl22rsi6r5YDBNcg_zT0hXlZkCjXL_gS1VesG3Yxq12K-p9U-9VvkDfIMP8LTrttvQNf7hGXV_jALcMX_JMbh9l0di7z4QGw9TV6MBv1aYggwhN_YrnCSQqGdbDvLQ%3D%3D%22%5D%5D
.casalemedia.com/ Name: CMID
Value: ZrR5o9HM5SsAAATjAYrROAAA
.casalemedia.com/ Name: CMPRO
Value: 5602
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.reurl.cc/ Name: _ss_pp_id
Value: 22d3004389b9a249fd61723139652838
.reurl.cc/ Name: _td
Value: 3a79d0e6-2af3-4555-a5e6-39aa1a10c664
.reurl.cc/ Name: _tg_csi
Value: 1
.popin.cc/ Name: uid
Value: 22d3004389b9a249fd61723139652838
.hinet.net/ Name: uuid
Value: 81228898-ba12-4600-9c7c-99f8494a1cd4
.reurl.cc/ Name: __htid
Value: 81228898-ba12-4600-9c7c-99f8494a1cd4
.reurl.cc/ Name: _ht_em
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-specs.guoshipartners.com
ad.tagtoo.co
analytics.google.com
anymind360.com
api.popin.cc
bcp.crwdcntrl.net
blog.alphaloan.co
cdn-ima.33across.com
cdn.jsdelivr.net
connect.facebook.net
cpt.geniee.jp
creditcards.com.tw
ecs.tagtoo.co
event.tagtoo.co
f1be708e8d32cfdc224fb3f1c4ef6c85.safeframe.googlesyndication.com
fundingchoicesmessages.google.com
i0.wp.com
img.racingcharger.tw
invstatic101.creativecdn.com
log.popin.cc
mma.prnasia.com
oa.openxcdn.net
onead.onevision.com.tw
pagead2.googlesyndication.com
r.popin.cc
re-news.tw
reurl.cc
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
stats.g.doubleclick.net
storage.reurl.cc
t.ssp.hinet.net
tags.crwdcntrl.net
ttd-cm.tagtoo.com.tw
tw.popin.cc
uec.tagtoo.co
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
yads.c.yimg.jp
creditcards.com.tw
103.1.220.9
107.178.241.176
119.63.193.220
119.63.198.143
119.63.198.188
119.63.198.189
133.186.12.52
151.101.129.55
168.95.246.1
172.64.152.89
173.194.175.156
173.194.204.138
18.209.253.154
183.79.248.252
192.0.77.2
192.0.78.236
203.75.214.136
209.85.144.156
209.85.144.157
2600:9000:20ed:8600:1e:5c56:d400:93a1
2606:4700::6811:eec2
2607:f8b0:4004:c08::66
2607:f8b0:4004:c1d::9b
2607:f8b0:400d:c00::65
2607:f8b0:400d:c03::84
2607:f8b0:400d:c04::61
2607:f8b0:400d:c07::8b
2620:100:a00b::4
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:600::485
3.166.192.48
34.102.146.192
34.102.218.41
34.107.150.21
34.111.12.34
34.149.98.30
34.160.218.201
34.160.26.175
34.96.70.87
34.96.83.10
35.185.130.121
74.125.192.113
0765230487b7ff2de24a672b702f5dda8c280bd8ef0f750193da44023c7464ad
0971a7a527ce94f3f46f03a77211ef80ee3f91cd9edce9bb4bafbbedfa005ce2
12526e3cd5b68567e4f04f1e7341ddf33d68162f0954090823f19271ad63e59f
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dd7a14984430cb6eb7dcef332a866ef535b1c9809a44c813b221d000083f2a9
22743d9dc93a38d7096ec7c9a02146da7a721ada15192d87e81d78ff53cb2f2a
23f70fc4df73cce6979302e6c74889021b10de67be5c040492489decb094fc9c
24ec53d82a8b89e784dba9f0f3ac18686a49e4a0dd5e80e9a405720ae22afaf0
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
2921515fb91f18916a2b8aff6c3140edf07d6218d57d04778068cff819b49cb2
2ab6a80f08f72f0a47856fdbfe7e52033241a90ca535d580fb0804f699cbab79
2d64196cd0752b69ecaae8a608e5d5e97d6123cfe4557d6b2c878161e3d9116a
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c
2ec8e8bdfb26b7fe36ba4004a2dfbf9c10278d72ead0a3b8821ad7ea7f60bcd2
2ff57c3aff43b38bfea1659ef8ebb63b7d3782598a485de8a0c73d09ea2bd65a
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3
33bb4a32b24f69fabec9d73f40277dd6db392f5fb9dac46cf42d390d918dbfe6
3402df1af7b8665c51ac7e2d4fed5dc6cac147d61966672d9cf32a34acafedfe
352cd8ea585a95b5b9a31a6ee6f0297f1323d658cadbe7437402149bae56f8a8
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
39e740625ab759d5f275b6b559a2094e2ee96a704bbe3d01de1679c23d8db4c3
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443509ad2852999c6d62f4a1e34ddcd91d5bfad80ee23cfa039ca942f3027414
490591c52cd60da5e7055c5b77b7ec0b0e96c6035b62f9f2774992c6e2286969
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f847a3c200bef99c96aa5933cb3e644573bc1d326f117812031381830f58b7e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6931528f2e8c2fecf67ced7e34874f015cb86d14861543bb8f4b57be7079445a
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b
71f5d274b99ffcbfbc7251fd4927c243179c8b0b1154e93247f4a73f3d7b6ec7
731627e22c6c2e25154c9fd3dd3f51bc89185d16b8ec16c643d29a98a65657bb
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
79065d384d5ec4460762dae5a9f3270baa13c366d16d9dade0abff93196e519b
7c82c1debb8f08292174e61cd88a6aed77638b87eafc43f60d8cb391181a2c24
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88beb5bf3e366289b64941441bd3f1ee2b8e710348b75fbacbe040e2a884380f
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
929e09dd06ec347f9d742d18e1d61b8a0e9d0cb45a048b15d4d4d49fdc96d706
9e46144e70508e349c9e0c94ab439412da135aecc8c3409b7f8c35503c984c2c
a90168b20862be8b8e0d56dfc1b7a05f120b9bbd7f66c8aed254c7cd81b61d0f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b25c4079e5697ee92be2dd08ca93d0a45c2cfb7c4abea5e88a9281cabce3b61c
b676acf278a2a21e87b61f32d7cb17f0c3c150b5e72c7a0ddcca80621f66b408
bf91e4f9f62d08f4bac63bd2ab68280a5513249b3896d0982f28aa69e25c34c0
c028be06e7b67ab8124b1e546683f243b82dafb79a4dd026c818c00b4cf86590
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
ccee77f4b5d83cb6e274010848ee8baeefbb7d99199d78b22d798676591d36d5
ceeac7ff25c02a525e7336f0bfa66e87c30fb53a2b722bfcc99f2a006ddd8d9c
d08ed2366d744a4b07844cf6e167274145def5c5fe8c3d6d4de8ba52df9aa275
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8a41e157ef0da2ade162ac2dc3a95e99ae93f24be2e671deef7a0df9677c12
e27689f3e1c898d9148fac7a1ea74ddbe218aba35849ff4e24ba05d3b07f3d86
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e823debde751c0ae7879aa68f2a6298a405bc7b08ccd6f48afbc7c9899f0b7f4
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
eeb28450fdbef7b4cf78391f932bfb87bb7e8f8fa3854bfcf5bad6d7d13f442e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef94014f66ef80478d6778ca742c20149a887d566c241a70df892c0f069495ee
f2cc7a1ccf414cfa62412a2485155b8e4e387b6f3e4392d97b27baa2e8188a80