reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ya.mba/8A5
Effective URL:
https://reurl.cc/qZ40Kn
Submission: On December 29 via automatic, source phishtank (December 29th 2022, 3:07:06 pm UTC) — Scanned from NL

Summary HTTP 305 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 58 IPs in 10 countries across 47 domains to perform 305 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 209488.
TLS certificate: Issued by R3 on November 22nd 2022. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.12 188.114.97.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.185.130.121 35.185.130.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:400d:802::2008	15169 (GOOGLE) (GOOGLE)
1	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
15	13.32.110.109 13.32.110.109	16509 (AMAZON-02) (AMAZON-02)
34	2600:9000:206... 2600:9000:206f:f400:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
33	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
2	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
5	2600:9000:205... 2600:9000:2057:8c00:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
4	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
7	52.196.193.254 52.196.193.254	16509 (AMAZON-02) (AMAZON-02)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
10 20	34.96.119.68 34.96.119.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10 10	172.105.203.31 172.105.203.31	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
4	203.75.213.62 203.75.213.62	3462 (HINET Dat...) (HINET Data Communication Business Group)
6	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
10	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.236 192.0.78.236	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a06:98c1:312... 2a06:98c1:3121::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.244 192.0.78.244	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:fc04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.197.227.153 35.197.227.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
19	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4 8	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 14	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
1	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
6	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 2	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	35.158.31.44 35.158.31.44	16509 (AMAZON-02) (AMAZON-02)
2 2	54.229.65.185 54.229.65.185	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	3.76.140.5 3.76.140.5	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2001	() ()
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	() ()
1	52.223.40.198 52.223.40.198	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3601:4379:fd12:b154:f230	() ()
305	58

1 188.114.97.12 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ya.mba	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4ef255ad-cf1a-49d5-907a-ec3b6da91e67.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.32.110.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-109.vie50.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2600:9000:206f:f400:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2057:8c00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.59.219.180 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.196.193.254 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-193-254.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.96.119.68 (Kansas City, United States) 10 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.105.203.31 (Tokyo, Japan) 10 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1857-31.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.75.213.62 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.cht.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 210.59.219.181 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::9 (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.197.227.153 (London, United Kingdom)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.227.197.35.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.96.203.13 (Bethesda, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.201.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.35.65 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.158.31.44 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-31-44.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.65.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.140.5 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-140-5.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (Ft. Washington, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2001 (None, )

ASN- ()

a5c41a1a4d13c25ad37323867579fa52.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:4379:fd12:b154:f230 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 98297 fcm.holmesmind.com — Cisco Umbrella Rank: 110798 c.holmesmind.com — Cisco Umbrella Rank: 81956 adcdn.holmesmind.com — Cisco Umbrella Rank: 101160 ad.holmesmind.com — Cisco Umbrella Rank: 72961 m.holmesmind.com — Cisco Umbrella Rank: 211395	196 KB
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187 a5c41a1a4d13c25ad37323867579fa52.safeframe.googlesyndication.com	487 KB
31	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 548 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 249	559 KB
30	appier.net 20 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 35689 gocm.c.appier.net — Cisco Umbrella Rank: 3355	4 KB
29	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 60608 prebid.cht.hinet.net — Cisco Umbrella Rank: 146604 77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net 4ef255ad-cf1a-49d5-907a-ec3b6da91e67.t.ssp.hinet.net	27 KB
27	scupio.com img.scupio.com — Cisco Umbrella Rank: 57084 bw.scupio.com — Cisco Umbrella Rank: 114023 prebid.scupio.com — Cisco Umbrella Rank: 58237 rec.scupio.com — Cisco Umbrella Rank: 81684	385 KB
24	criteo.com 4 redirects bidder.criteo.com — Cisco Umbrella Rank: 834 gum.criteo.com — Cisco Umbrella Rank: 446 mug.criteo.com — Cisco Umbrella Rank: 1856	20 KB
19	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 321 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285	214 KB
10	aralego.com 1 redirects hb.aralego.com — Cisco Umbrella Rank: 17534 sync.aralego.com — Cisco Umbrella Rank: 4367 ads.aralego.com — Cisco Umbrella Rank: 27676	4 KB
8	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1267 eus.rubiconproject.com — Cisco Umbrella Rank: 832 token.rubiconproject.com — Cisco Umbrella Rank: 858	23 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
7	criteo.net static.criteo.net — Cisco Umbrella Rank: 743	233 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	30 KB
6	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 13130	1 KB
5	reurl.cc reurl.cc — Cisco Umbrella Rank: 209488	5 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 520 fonts.googleapis.com — Cisco Umbrella Rank: 127	193 KB
3	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 11232	47 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 10588	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 670	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3351	787 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 866	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690	2 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 5182	890 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 3008	184 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1147 r.turn.com — Cisco Umbrella Rank: 4328	869 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	739 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	359 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	35 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	57 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	711 B
1	adsrvr.org match.adsrvr.org	265 B
1	quantserve.com cms.quantserve.com	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	47 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 7235	2 MB
1	rayskyinvest.com www.rayskyinvest.com	39 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 651646	22 KB
1	creditcards.com.tw creditcards.com.tw	56 KB
1	racingcharger.tw img.racingcharger.tw	117 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3746	433 KB
1	alphaloan.co blog.alphaloan.co	19 KB
1	gbyhn.com.tw img.gbyhn.com.tw	96 KB
1	re-news.tw storage.re-news.tw	7 KB
1	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 92372	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	78 KB
1	ya.mba 1 redirects ya.mba	492 B
305	47

	Domain	Requested by
34	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
29	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
21	t.ssp.hinet.net	reurl.cc cdn.holmesmind.com t.ssp.hinet.net
20	ad2.apx.appier.net	10 redirects reurl.cc
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com reurl.cc securepubads.g.doubleclick.net
16	pagead2.googlesyndication.com	reurl.cc pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com ads.aralego.com securepubads.g.doubleclick.net
15	img.scupio.com	reurl.cc img.scupio.com
14	cm.g.doubleclick.net	5 redirects reurl.cc googleads.g.doubleclick.net
10	bidder.criteo.com	static.criteo.net img.scupio.com
10	gocm.c.appier.net	10 redirects
8	gum.criteo.com	4 redirects static.criteo.net
7	static.criteo.net	cdn.holmesmind.com img.scupio.com static.criteo.net
7	ad.holmesmind.com	cdn.holmesmind.com img.scupio.com
7	www.facebook.com	reurl.cc static.xx.fbcdn.net img.scupio.com
6	sync.aralego.com	img.scupio.com ads.aralego.com reurl.cc
6	mug.criteo.com	reurl.cc
6	prebid.scupio.com	cdn.holmesmind.com img.scupio.com
6	prebid-asia.creativecdn.com	cdn.holmesmind.com img.scupio.com
5	adcdn.holmesmind.com	cdn.holmesmind.com
5	c.holmesmind.com	1 redirects cdn.holmesmind.com reurl.cc img.scupio.com
5	reurl.cc	reurl.cc
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	eus.rubiconproject.com	reurl.cc eus.rubiconproject.com
4	prebid.cht.hinet.net	cdn.holmesmind.com
4	bw.scupio.com	img.scupio.com ajax.googleapis.com
3	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
3	cdn.aralego.net	reurl.cc ads.aralego.com
3	x.bidswitch.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.nl	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net	reurl.cc t.ssp.hinet.net
2	ads.aralego.com	1 redirects ads.aralego.com
2	secure.adnxs.com	2 redirects
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	ads.avct.cloud	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	token.rubiconproject.com	eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	rec.scupio.com	img.scupio.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	hb.aralego.com	img.scupio.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	ajax.googleapis.com	img.scupio.com
2	region1.google-analytics.com	www.googletagmanager.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	connect.facebook.net	reurl.cc connect.facebook.net
2	cdn.jsdelivr.net	reurl.cc
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	a5c41a1a4d13c25ad37323867579fa52.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	r.turn.com	reurl.cc
1	ad.turn.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	4ef255ad-cf1a-49d5-907a-ec3b6da91e67.t.ssp.hinet.net	cdn.holmesmind.com
1	m.holmesmind.com	cdn.holmesmind.com
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	mma.prnasia.com	reurl.cc
1	creditcards.com.tw	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	i0.wp.com	reurl.cc
1	blog.alphaloan.co	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	storage.re-news.tw	reurl.cc
1	ad.sitemaji.com	reurl.cc
1	www.googletagmanager.com	reurl.cc
1	ya.mba	1 redirects
305	74

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
feebee.com.tw R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2022-12-17` - `2023-03-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.cht.hinet.net	`2022-03-15` - `2023-03-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.gbyhn.com.tw E1	`2022-11-30` - `2023-02-28`	3 months	crt.sh
tls.automattic.com R3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.rayskyinvest.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-30` - `2023-03-29`	6 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://reurl.cc/qZ40Kn
Frame ID: DA1BC7DC266F3DADF43814E41765F406
Requests: 35 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: DA83F6C80D3582A4F4E623290C4DD524
Requests: 37 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 4F33DED4A05287DC0AC8CE6FB5FF94FC
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: A638BF8B1D65E7AC1ADA9C7C3BBD29C8
Requests: 10 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 50A7938CDE1437DCAF7C69BB73AD8E60
Requests: 22 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: B04026AA8E2EFC46B7EED63DD076F527
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 93B5BEDAC27BEBF33A2BCFEFECDDD936
Requests: 27 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: F8D9EFE46D13141E616EC3CEBAB314BE
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 443A483CFA4EF32735EFCA9DFB155EFA
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 34932EC0A403F8277D0591E88DC583BC
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 8BC5AE984AF17965956369885FCE3569
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: B116A33227F4BECAE7A3AAD4966C856E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: CCEB9B0CA200BD7EB2E7CBFAF98B2781
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: E6062C98986F024F819E95079C8CC885
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 6ED45097247E7BDD240D7EF7A21B3B4C
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 84E34D8B4E36798CB9A2989F6BB4D89B
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 1CE987BEC83423835D3BE6A32172E3C4
Requests: 2 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 2B3BD7E2646D006D8DC0F3B9D42E1F32
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 598B38A58BA7A89A468A0D529EF69CB4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&lmt=1672326422&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326422221&bpp=11&bdt=272&idt=280&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=1326261119059&frm=23&ife=1&pv=2&ga_vid=1999424911.1672326420&ga_sid=1672326423&ga_hid=420027472&ga_fc=1&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=2913668735&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773809%2C44768832%2C31071250%2C44780792&oid=2&pvsid=60883554846238&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uqioabg75558&fsb=1&dtd=296
Frame ID: 1D9114896246F4BB482000116AD14B85
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 600DF9FC16065A4E96DFCE2F320DB9ED
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENcki6qIMNUjhfJtUJ2HHI4&google_cver=1&google_ula=3918219,0
Frame ID: 56008E9103566FA464EA13EA2D46509E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 753A7C2021F96CC1E4A1A5A12402BE69
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 8F1D73F2B56DB3D6171AA40D7F43C6E1
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMag5qN6WtVCZ_yV0wrgzhs&google_cver=1&google_ula=3918219,0
Frame ID: A3A7695966A08042B9B8F2DE669F8655
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: C50C4CFC22EF8238CCCBEC77FE048C17
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25A4ABAB16B54357C12046C3DB0424A2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: 455904598A177FA4ECBE2ADFC689692A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: AA80DE41225FA19D3C7681B8DE835CF7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF5045DA9350F2614BC408D30B6C7733
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74EE13010857D74E98E421E0CA8AA216
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 4E9BAD247062B86709B80B086709A5AF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7DBCE4AA449D1ECA21BD56D7A1768556
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225
Frame ID: 114904F9B0C5CEBBBEF288B77AC8D8C9
Requests: 12 HTTP requests in this frame

Frame: https://a5c41a1a4d13c25ad37323867579fa52.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 998E0A6BDF46599EE2AE581612C38C6A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3DDEC4008065D1E0BA6FC87797AF105B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C15E32A4B86437438983B58EF22F4A3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA2328658E5DAA5B682410844C85DFD1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

https://ya.mba/8A5 HTTP 302
https://reurl.cc/qZ40Kn Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

305
Requests

90 %
HTTPS

45 %
IPv6

47
Domains

74
Subdomains

58
IPs

10
Countries

5104 kB
Transfer

9484 kB
Size

46
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/46198

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/25171

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/13516

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/35146

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/281686

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/3973403_XG73403_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/93678

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/637f43543e6b15c5503081c8

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ya.mba/8A5 HTTP 302
https://reurl.cc/qZ40Kn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 61

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=Bc2btXjeAVmgHtePFa2tYw

Request Chain 63

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=Du71vSUDAKa3rHwaFq2tYw

Request Chain 64

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=JAawvSMrB2KFgrCFFq2tYw

Request Chain 65

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=RnQ27-73C6C4NBJPFq2tYw

Request Chain 73

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=SzhF8S7_CWOZAAusFq2tYw

Request Chain 76

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=1EcBfsL1DHmVu9AzFq2tYw

Request Chain 77

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&uu_m=undefined&google_gid=CAESEKOi9uAQOb4VGL6fewPEo-w&google_cver=1

Request Chain 182

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XRKKy3x0N0llVXNhOUlGOFpKZUdNVGxkWW12TVhGbktBRkN6WHFRbUV3c0J1MTZiei9mN1BDSHMzVXEzUmg2aGRKcG1UNjZUU29VbHpsODlYZEJ5QXVNMmEvTEhSUnpFT0VaUkJJSVgxc3E5ZnFNSXYyOGJaL3RZME5wY2g3ZkZOUklIcExXVTZMZGtlZWZjTitLVHBNdHlvV25jNEZWSEtpM1N5aEFzRXg0WWpIdkhVSEE4WnNZYlZtMFdUTDdYdWZ1SnB3QkQ2aDJaZjNxOE16Slo3SzBqU1N3bllLd0VvNjlBbFlvY2ZyNGQ1ZEsxRlhTZGJ5OWdZVGtuNm92UU11LzFKZmpHa1VuODNwbE5vY3FWak84UHJTQUMrcW1GYzNiNjhGN2NvTk90SDcwUT18&cppv=2

Request Chain 183

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=i4L2snxyQnMzOTFGT2FhYkpNWS80a3RkM3NEZnY1ODgwckoxUGdUc25idmpNTzNweXNldEE1WFlmZWQ2MXJRWG1RQXVWRWdOUjNjRitPbDNoclpRNkV4ZVFSR1QrMW1SdlhlY1BkMDBWTUJVT01KVzdBRTVDd2VrQWFGdXdncnNoTEsxZWFocXltSGJTdUdiWFpNN1VXbGR6bmNweDdtTkdRYmhaekV3OHNmeVA2UkhLUCtrUk5oa1hTR2tlbGtHeUFhUTh6RFRCOXhrOGJwaUNBYWl0RXJFOFJhSXRYb2w2MFc1R3FXWXBHbWFQOHBxc0psVE95Tm91R2JwZ1NCWFhlWGJWUG9iaVk3VU1vWE5CNVRTY0RhWFBkdnFkRzQwWm1md2hGM0REMC9MMk91MD18&cppv=2

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1RBMjAyMjEyMjkyMzA3MDI1OTY4NzU%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENcki6qIMNUjhfJtUJ2HHI4&google_cver=1&google_ula=3918219,0

Request Chain 191

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0pBMjAyMjEyMjkyMzA3MDI2NjQ3ODQ%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMag5qN6WtVCZ_yV0wrgzhs&google_cver=1&google_ula=3918219,0

Request Chain 196

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 209

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw

Request Chain 210

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw

Request Chain 212

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw

Request Chain 238

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDsJT-TVWQzIXDbf0g4JRLY&google_cver=1&google_push=AavPq0MON7pKkFJ5TYWlXggyuBviFZ7vDCmjy_tE8KrtbnoDFtL8CcEPrB4QirxAFWSmuE3_3B95ISZzAt_J4W11oonTaswTNfiq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA5NzQzNDY5Mzg4ODE5MjU1OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDsJT-TVWQzIXDbf0g4JRLY&google_cver=1

Request Chain 240

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEvy4VsvJM0P_JFqEZHQYz0&google_cver=1&google_push=AavPq0Nk-0RKipE6Wp369fYQQ0rxaFsNi9ZR9f2J_S0AX0eCLHgI6ph_7GNR8BYjEyllyXUk0ovexxIySD6vwFdn2mhnhlWvQHOo HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEvy4VsvJM0P_JFqEZHQYz0&google_cver=1&google_push=AavPq0Nk-0RKipE6Wp369fYQQ0rxaFsNi9ZR9f2J_S0AX0eCLHgI6ph_7GNR8BYjEyllyXUk0ovexxIySD6vwFdn2mhnhlWvQHOo HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=b4b9ebb7-c814-4572-9c05-ba902f3553d6&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Nk-0RKipE6Wp369fYQQ0rxaFsNi9ZR9f2J_S0AX0eCLHgI6ph_7GNR8BYjEyllyXUk0ovexxIySD6vwFdn2mhnhlWvQHOo&google_hm=FxahWQvRSK62OXyxvqywjg==

Request Chain 241

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENBJPdT6nVzyN5JJeWU9Z1U&google_cver=1&google_push=AavPq0PyXNbmVncvPGV6dgtCa9uoSvTNDZZiYYEICwUZncKg-LoqrRnO3rEVmYN8RJthwg0_wvjxpIrRF2A4teyyM8NoTV_IcvQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENBJPdT6nVzyN5JJeWU9Z1U&google_push=AavPq0PyXNbmVncvPGV6dgtCa9uoSvTNDZZiYYEICwUZncKg-LoqrRnO3rEVmYN8RJthwg0_wvjxpIrRF2A4teyyM8NoTV_IcvQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENBJPdT6nVzyN5JJeWU9Z1U&google_hm=Y62tFyZWJkbbBaIwt-m3xAAABGcAAAIB&google_nid=index&google_push=AavPq0PyXNbmVncvPGV6dgtCa9uoSvTNDZZiYYEICwUZncKg-LoqrRnO3rEVmYN8RJthwg0_wvjxpIrRF2A4teyyM8NoTV_IcvQ

Request Chain 242

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKtCUB54FhlezOkuPtekXa0&google_cver=1&google_push=AavPq0PiAdNzKlW_u9cWd0rC537pAYHYorCx9UQRNEGZNSDDXUnvJ3neUQHTlWeEsKm12eqnflK0_WiSU8yGDflZSutXMFYdIgx1 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKtCUB54FhlezOkuPtekXa0&google_cver=1&google_push=AavPq0PiAdNzKlW_u9cWd0rC537pAYHYorCx9UQRNEGZNSDDXUnvJ3neUQHTlWeEsKm12eqnflK0_WiSU8yGDflZSutXMFYdIgx1&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0PiAdNzKlW_u9cWd0rC537pAYHYorCx9UQRNEGZNSDDXUnvJ3neUQHTlWeEsKm12eqnflK0_WiSU8yGDflZSutXMFYdIgx1&google_hm=F5crqGZH9L9NMoy6SFSJKWXr

Request Chain 243

https://match.360yield.com/match/ebda?google_gid=CAESEBcR9lNFSGQK1-oZpESkq5Q&google_cver=1&google_push=AavPq0Pu1yxdnT3JlgdOwp7WWQhTkZK1x-BJX4cYQ6sD8P83kGSDk0iXual94NrV0jP465bkzV1OBvz2ZPgIeEslcwFbSOULXeA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBcR9lNFSGQK1-oZpESkq5Q&google_cver=1&google_push=AavPq0Pu1yxdnT3JlgdOwp7WWQhTkZK1x-BJX4cYQ6sD8P83kGSDk0iXual94NrV0jP465bkzV1OBvz2ZPgIeEslcwFbSOULXeA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TjqLR8wvRHKT8t66HwI6Kg&google_push=AavPq0Pu1yxdnT3JlgdOwp7WWQhTkZK1x-BJX4cYQ6sD8P83kGSDk0iXual94NrV0jP465bkzV1OBvz2ZPgIeEslcwFbSOULXeA

Request Chain 244

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMKC0cYx5zCcUrUfBsmhHfk&google_cver=1&google_push=AavPq0OZjI9qX5eiM3BvdwPYEXsiINYWf83fKidiMnMmweupsoXIwsk3U-a1nOXmkyzWSoikMvIOCpfMjo0lWsT9p_fsuFxoD6jNPA HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMKC0cYx5zCcUrUfBsmhHfk%26google_cver%3D1%26google_push%3DAavPq0OZjI9qX5eiM3BvdwPYEXsiINYWf83fKidiMnMmweupsoXIwsk3U-a1nOXmkyzWSoikMvIOCpfMjo0lWsT9p_fsuFxoD6jNPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTkwNjQ2OTA2Njg2NzU3MjY0Ng%3D%3D&google_gid=CAESEMKC0cYx5zCcUrUfBsmhHfk&google_cver=1&google_push=AavPq0OZjI9qX5eiM3BvdwPYEXsiINYWf83fKidiMnMmweupsoXIwsk3U-a1nOXmkyzWSoikMvIOCpfMjo0lWsT9p_fsuFxoD6jNPA

Request Chain 250

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 260

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=-cf_dHx4R2Y0TCtJa3grV01JalFvQ0F2OCs0dDJZUFRTTlhwT1VGSnFTSnF1MXRQcTVlcm1VWi91QzltYUYvd2lTWWpQbE9wbWdrTlk5ZUhQUFplaTNHTi9HOGVoa1dObXlmRHNHcU5UQ01PS1ZreFFGb3ZOVE5vRHB1aGpBUVcrZjNMWHNVYmRxRHFzTkNFenROSVMyOHVXZVpaSERkdnJzWXFGUHpJU08vOXpUVWUzVGRPc0V2cWF0RTZuU2NxYjMzOTVya1l6YXZyRTR5VzlPenAwR2doSlkzMzF6ODQ3MzhNNlFrTnhsTnRZNVdCZXBTaVVFTzBUSHNjc2JNckJmS0VTUWRvTm1kUVViZXV5dnZTZ1NKZkxwMGhianFpWWVvQVNYSlVyUnYxQ1ROaz18&cppv=2

Request Chain 264

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=d1GxMHxPSXE0Z05nOVlOSEd6SFZZQVFyQlh0T3liejdJWmhDUGorQTNJeTc3WUt4TWtkMkljb0Y4ekxUdXY5S2hMMXF3djJibGVrOVk3NTFuRXU1ZC9qSTIvbngzYUluOWpIV1l0TzdhK3Y3M2w1eXFraUtrYlgyL3V3QmVuanE2YkNIb2ViTUJTNDFSc20ybk9ObUN1dkdxdWdrQlhvaTRLZ3hoS29USWVpemhZVlY5YXNldkJsVjdsaFFUTkYvNWR0SmY3bXRpeC9DWURXNTlkSkpNMGlhN3l1VjNmc1dSV1NXUmtPNnVNdkl2ZGJPWU40QVp5WDh1SStRVWNkSzRmT0l6SFJ0SVdHRmJ3U1ppUFBRZ2ljc0g0V3FyWlgzN3hNc1c0UGhSK2w5VWV2az18&cppv=2

Request Chain 301

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENcOacYgdVrGQnWJtAPIzVg&google_cver=1&google_push=AavPq0PrZIRhtxMcmfNasMCKqEeD6P0eF1AH_rY7cv-Rf-gYSMmXqEEiwZPEphO6104vuesInARZTwyP8SpgfglXUJa-8eE6dYtL HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0PrZIRhtxMcmfNasMCKqEeD6P0eF1AH_rY7cv-Rf-gYSMmXqEEiwZPEphO6104vuesInARZTwyP8SpgfglXUJa-8eE6dYtL&google_hm=hmOtrRcqSx8fOrzRnw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63ADAD172A4B1F1F3ABCD19FBLIS

Request Chain 302

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEINH13g2Fk0Wo8BW4QoLgXs&google_cver=1&google_push=AavPq0OBGMoST022brC2mbwcxTXt9PxEPKgMKDCKHkIW92ywBDTVgH3ivTPCSX6WKckOyiIWfB0BAfs6W9jYdk3-x_CLuZkVfVQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OBGMoST022brC2mbwcxTXt9PxEPKgMKDCKHkIW92ywBDTVgH3ivTPCSX6WKckOyiIWfB0BAfs6W9jYdk3-x_CLuZkVfVQ&google_hm=eS13UXRrU1FKRTJwSFAuSzQ4ZGRscmQ4cEhMWnNlY0hlVH5B

305 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request qZ40Kn Show response
reurl.cc/
Redirect Chain

https://ya.mba/8A5
https://reurl.cc/qZ40Kn

8 KB
3 KB

866ms
285ms

Document
text/html

35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cb26bd481d3c0d4dbef7d8cd161bee006cb383e246a544266830d21656288658

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 29 Dec 2022 15:06:59 GMT
server: nginx/1.18.0 (Ubuntu)
target: https://shrtco.de/94CBnY
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 781371545dea0a5c-AMS
content-type: text/html; charset=utf-8
date: Thu, 29 Dec 2022 15:06:58 GMT
location: https://reurl.cc/qZ40Kn
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQSfCAAiFsEseVmGlSo5%2BDiEyRSVtPZEqPktLwcv6b7mb4XDTP%2BGu9yhKn09KvOA10u5Xk6BS188RIZwgu5g7OXAqiVvH8Oyunv5rzVJ8rNgPnzNO5qn408%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
x-powered-by: Express

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 100ms
44ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5564194
x-jsd-version: 4.3.1
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-yyz4530-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8XhBM2Wf806amJ6883pIdn3%2Bnrmko30rweTsSDZJd%2FK5byJSGOZBtOAeZr1Wu%2FJnqYS6%2FNUVP7sv65UgUz3ifMDxFJwsb3CHmOEPy9SCDtla9W0io%2BIQuwA2K2Mgm2tR4HLA7oTEaY2%2B1pNcWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7813715b9b291c80-AMS

GET
H2 200 style.css
reurl.cc/stylesheets/rwd/ 2 KB
1 KB 282ms
281ms Stylesheet
text/css 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/qZ40Kn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:59 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-9f6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Fri, 29 Dec 2023 15:06:59 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 283ms
282ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/qZ40Kn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:59 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 29 Dec 2023 15:06:59 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 907ms
230ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 29 Dec 2022 15:17:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
78 KB 196ms
83ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e0a8cc50507728bb58d0e6646b1562cb5e90647ccb172b28802c656c4af1d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79047
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Dec 2022 15:07:00 GMT

GET
H2 200 ysm_reurl.js Show response
ad.sitemaji.com/ 17 KB
6 KB 88ms
27ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_reurl.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 14:01:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 3923
etag: W/"5d0b4850-4488"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5880
expires: Fri, 30 Dec 2022 14:01:37 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 76 KB
24 KB 214ms
44ms Script
application/javascript 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:34 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 02:16:55 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 42
etag: W/"6327d117-12f95"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-id: T7nBDqHb0RYrRJfkAOHESt6WmPMCAu3NbRJ7IvCldZHytjK_VpUszg==
expires: Thu, 29 Dec 2022 15:21:17 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 6 KB
7 KB 161ms
34ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Thu, 29 Dec 2022 15:06:31 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 45
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: PFKMdhGuE8XXxsPd3gY_gCxrsnn8KbptjJF6aSOjTXvfJBtFueC87Q==

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
32 KB 106ms
50ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5563148
x-jsd-version: 2.5.16
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19174-FRA, cache-yyz4525-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy2MOE%2BAAgHWbPlGZ2JzA0Og%2FBR847tGMNuWwB6h26njpE7WQBFsypQhlHwzXAa06QRsthokhCfZn7T2FugQWf3c1vQFFI%2FsI%2BRHpgHVynj2pwXQkAv3Q2nq3dC6Qh9v6dMNMvW%2FImgtsw44ois%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7813715b9b2c1c80-AMS

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 412 B
493 B 283ms
282ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/qZ40Kn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:59 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-19c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 29 Dec 2023 15:06:59 GMT

GET
H2 200 loading.js Show response
reurl.cc/javascripts/ 134 B
339 B 283ms
283ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/qZ40Kn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:59 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 29 Dec 2023 15:06:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 124ms
39ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 15:07:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 1PJNnWXrsYM/4CaBECWOKkDdrVqaULnBgNAFo9sJWdTNvGuIL1CGRuueuPp5/k+u+8sO336wVsTjlQcftEx42w==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame DA83 99 KB
28 KB 355ms
285ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a905fe71579087be2b4d01b456e84d2a73ed93828fa61fad27988e735c5d9f15

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 29 Dec 2022 15:07:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: M0e5FpndpYCSAtVxiaHBEN7ymwqi4W6vz3IchCgY35FOtjOD3mxFeU1rBgemUvY3ITFw7YHL8AGG6TeUGodqMQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 529ms
284ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: c50e8fc3906bba3c7568133086418064afc8886326bb130e25ba286d767458e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1a2b-jQHX0DM6kXnv5Z87PBkQYgL83m8"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6699

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 33ms
33ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a2db02963f2f12d0dd92de006ce4f55c77ab91d0d1296edf60beb58e56747d8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 15:07:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7208
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8az6Wr2A3L4D2WnJB0OZl6Jo0SCT/mi4I7iZ/VPYstQXBUObPOXBeMb4XJZopH6IfiipT55ne5DPb/ryfc2l6A==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 4F33 5 KB
5 KB 34ms
34ms Document
text/html 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 16
content-length: 4730
content-type: text/html
date: Thu, 29 Dec 2022 15:06:54 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-id: MydXVn2TJnk1tL-y8GsV8Y0u9lxHkb3ZaOtGWseh9mikdPIoIDDkaQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1013 B 34ms
34ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:54 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 13
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 9FMC55LRNvr4hz2jgGtq9WdCc1R3ADquOohVnrKTCt2WCzbR7x_4aQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame A638 9 KB
10 KB 38ms
38ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f13d5cccdee5742a69ce1d727428ae1e3064434cde08d1f18e03ba2c80621e85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: nu3Q4FExJPU4AxPv2qvAu17GSCRePZwj
date: Thu, 29 Dec 2022 15:07:00 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 03:56:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 56
etag: "c1c5e1f8e39229c17de1058941ef4aea"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9724
x-amz-cf-id: JphPiefV6GUQ4LSszVzNLBFLS2l4-qtWKD8Q5VPvSH7RLpUu51snkA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 50A7 9 KB
10 KB 35ms
35ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f13d5cccdee5742a69ce1d727428ae1e3064434cde08d1f18e03ba2c80621e85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: nu3Q4FExJPU4AxPv2qvAu17GSCRePZwj
date: Thu, 29 Dec 2022 15:07:00 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 03:56:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 56
etag: "c1c5e1f8e39229c17de1058941ef4aea"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9724
x-amz-cf-id: yJ2O3n7Kk-zsO0KmtvOMa_BXYLzwSASob1MyWeQKmLv0xA9CZar7RA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame B040 9 KB
10 KB 36ms
35ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f13d5cccdee5742a69ce1d727428ae1e3064434cde08d1f18e03ba2c80621e85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: nu3Q4FExJPU4AxPv2qvAu17GSCRePZwj
date: Thu, 29 Dec 2022 15:07:00 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 03:56:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 56
etag: "c1c5e1f8e39229c17de1058941ef4aea"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9724
x-amz-cf-id: 5MWI8d_uXfn0nd7djbRfToItrNDUh6W1O14nkrqKiMi6A8JZDCifPg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 93B5 9 KB
10 KB 43ms
43ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f13d5cccdee5742a69ce1d727428ae1e3064434cde08d1f18e03ba2c80621e85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: nu3Q4FExJPU4AxPv2qvAu17GSCRePZwj
date: Thu, 29 Dec 2022 15:07:00 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 03:56:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 56
etag: "c1c5e1f8e39229c17de1058941ef4aea"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9724
x-amz-cf-id: OmgsLw55T4Kil5DXmes1Af2Fgd9304mzIag9OJkAaKq7GLjuRcAyTg==

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame F8D9 39 B
191 B 3191ms
3123ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Thu, 29 Dec 2022 15:07:03 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4F33 5 KB
3 KB 690ms
232ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 29 Dec 2022 15:17:00 GMT

GET
H3

200

cm
c.holmesmind.com/ Frame 4F33
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

166ms
139ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Thu, 29 Dec 2022 15:07:00 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
33ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FqZ40Kn&rl=&if=false&ts=1672326420219&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1672326420217.1473722305&it=1672326420139&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 15:07:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame A638 575 B
643 B 159ms
34ms Script
text/html 2600:9000:2057:8c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:03:18 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 222
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: 41fRqTo4jJnpQh_QyWxGRu3wMdSStMBsqzdVKXt6lRvknjRGRCjv8w==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 50A7 933 B
733 B 162ms
38ms Script
text/html 2600:9000:2057:8c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e0e1c20c2b43f156e52a318090077f333099dfa88bcab94d37f9aea7a4f99728

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:03:18 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 222
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: YCzxc5N_SSwrsErMHAN0W8OkUs24vQ86YPgWpbx0k7m6v7gLMq4pCA==

GET
H2 200 17229.json Show response
img.scupio.com/js/config/ 461 B
868 B 149ms
63ms XHR
application/json 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 70b009957abf3e7b797880a0a62477205041b07ccbf05cf69f2ecb049234a030

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:03:18 GMT
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 222
x-cache: Hit from cloudfront
content-length: 461
last-modified: Thu, 29 Dec 2022 03:55:12 GMT
server: nginx/1.12.1
etag: "63ad0fa0-1cd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: 0eP3UML0g5YKz5P1h4_kF2xZkoeJNmlvVt4Mw2LYLaA3J-nqzWEzsQ==
expires: Thu, 29 Dec 2022 18:03:18 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1223ms
237ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.3554056756384236
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 29 Dec 2022 15:07:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 443A 83 KB
22 KB 56ms
51ms Document
text/html 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.65
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1253
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 29 Dec 2022 14:46:21 GMT
etag: W/"62fdf772-14d93"
expires: Sat, 28 Jan 2023 14:46:07 GMT
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id: 8um_yI5I1VTVhKcfQFQ8HEEIPumkBOKmok6SEwLAQuOL8X1OWu35lQ==
x-amz-cf-pop: VIE50-C2
x-cache: Hit from cloudfront

GET
H2 200 17253.json Show response
img.scupio.com/js/config/ 461 B
869 B 135ms
61ms XHR
application/json 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 767ef04ea9ffdd0bc81756d2738945cf14dca7fdf7164879731b2e925159ffe0

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:03:18 GMT
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 222
x-cache: Hit from cloudfront
content-length: 461
last-modified: Thu, 29 Dec 2022 03:55:12 GMT
server: nginx/1.12.1
etag: "63ad0fa0-1cd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: QMGbkbdcA0qGnaVmgIQOrdAZ-Rl9L8_AhsCW3V4gP4k9TuiRKLGHaw==
expires: Thu, 29 Dec 2022 18:03:18 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1212ms
237ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.9080515446756012
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 29 Dec 2022 15:07:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 3493 83 KB
22 KB 61ms
60ms Document
text/html 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.65
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1253
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 29 Dec 2022 14:46:21 GMT
etag: W/"62fdf772-14d93"
expires: Sat, 28 Jan 2023 14:46:07 GMT
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id: bc04zGGYhBwqfcx8-4PdhzQDJVv74l6Z6-6_OkSdaivVR_tOK-nr8A==
x-amz-cf-pop: VIE50-C2
x-cache: Hit from cloudfront

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame B040 6 KB
1 KB 134ms
36ms Script
text/html 2600:9000:2057:8c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 26bebb3041ca9f054a20a3622385eaf9f8aa7a61b2fac7026111c9ebced41848

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:03:18 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 222
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: thP1l-XIvdsY1WYF3xNLR5zAqSpBAbbE7OkLPgAtNJ9J9tuc655A6A==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 93B5 784 B
693 B 135ms
38ms Script
text/html 2600:9000:2057:8c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5394648ec6d57a0077c7c0b8fa3bb894a86d224088c201c433a21bc58fd079f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:03:18 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 222
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: eZV0BRwNfluYyJcElOWa1OTg_5-uHguffq3d6MngIZT76nTHMMC23w==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
342 B 83ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=2oebu0&_p=1369788673&cid=1999424911.1672326420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672326420&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FqZ40Kn&dt=Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 443A 95 KB
96 KB 107ms
33ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 02:21:22 GMT
x-content-type-options: nosniff
age: 45938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97163
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 02:21:22 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 443A 236 KB
83 KB 51ms
51ms Script
application/javascript 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:16 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 128
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: WOteAWN-kPQj-CmtNCjDbyzO-xZPAQG40aMe5LAfk0HgHDBUAXlGLQ==
expires: Sat, 28 Jan 2023 15:04:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 3493 95 KB
95 KB 132ms
69ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 02:21:22 GMT
x-content-type-options: nosniff
age: 45938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97163
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 02:21:22 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 3493 236 KB
83 KB 81ms
80ms Script
application/javascript 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:06:16 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 128
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: 6d5M7VednYMRDFJsUrVJTqLgWSbhJDXEnxHjMhmLuNkF4gOunwfU6w==
expires: Sat, 28 Jan 2023 15:04:52 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame A638 2 KB
999 B 1157ms
530ms Script
text/html 52.196.193.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FqZ40Kn&n=519&o=1&d=1&b=2&ts=1&ii=3&FPCK=4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.193.254 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-193-254.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 06b4fcf0c85b5bdedb3840a5697e089f15dfaf17a6b9b366ba8331f9ea54e4d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:01 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame A638 3 KB
3 KB 34ms
33ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: cxekSYO34TUNJyew7pJZ_sX4AnJ16PT13YEqw2EDbgHQIVRUAs6T-A==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame A638 3 KB
3 KB 34ms
34ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: XUGyw61mp41F5War_SLTMBHR1WgzF51afX6hwfnatjQcFbebSNsdzg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame B040 0
214 B 1155ms
531ms Script
text/html 52.196.193.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FqZ40Kn&n=453&o=1&d=1&b=2&ts=1&ii=3&FPCK=4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.193.254 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-193-254.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:01 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 93B5 0
214 B 1154ms
532ms Script
text/html 52.196.193.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FqZ40Kn&n=114&o=1&d=1&b=2&ts=1&ii=3&FPCK=4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.193.254 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-193-254.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:01 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 93B5 3 KB
3 KB 33ms
32ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: tQZFXvZbdIF5H7vzsgNGXBmm-RKwZt5K2CRDqfSeZtu0HRNDHLSQYw==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 93B5 121 KB
40 KB 120ms
67ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Dec 2022 15:07:00 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 93B5 2 KB
3 KB 36ms
35ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: zQkH0It-MSNC8DskJRbr5VPrtY9bHUXemvAhcf-ydghBLpr4GNlXVg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 93B5 4 KB
5 KB 35ms
34ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 38
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: 4LocWIKCCwUyRzQzmYHCro0mMv4518aM3JPEGpa8tfi9bzjmfNalpw==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 93B5 3 KB
3 KB 33ms
32ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: H8N1uB6lCAGedH9W7nb46B27l8mxwsMqIIaUFP80J9PHjqgnudWkIQ==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 93B5 6 KB
7 KB 39ms
39ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1b32ac68941e60bacfe0ab1c5eab749868a0278495eaf50a17da2c95b8f3e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: OsKd1EEmixEwNImqE_Ez2qHyKZ95G9Ob
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 08:02:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 52
etag: "dfd6bf39aeff48b2d3414a18a5a4d36e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: lkzv1razQ24dextFnW6hBNR2lhj5dyMQEonGSdhP9uc9YUcKyVEO0A==

GET
H2 200 prebid_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 93B5 3 KB
4 KB 35ms
35ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/prebid_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 389b91144853a1a80fad740f12a1404d1643762544449957f4f3f83a0dae6407

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: FYGexi3MgMd3Tp0dXQOYmVyXAUdSSAgT
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Thu, 29 Dec 2022 03:00:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 25
etag: "7753ff9974b2c2ef1e17c8d4794535cf"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3396
x-amz-cf-id: sBBwAH0CjYluGAzUq_ZIQl4cwtvNabYnAqh5ryFCa4nEmNCBLzItag==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 50A7 2 KB
1 KB 905ms
287ms Script
text/html 52.196.193.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FqZ40Kn&n=182&o=1&d=1&b=2&ts=1&ii=3&FPCK=4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.193.254 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-193-254.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8c072638766e19e619b658fbbe0ff10a96fa3ad2a26994a318d16f67a2b8a5a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:01 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 50A7 3 KB
3 KB 39ms
37ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: mOLoeKO6aHUQHCpBu-k9fuJw_EiV8AXckg6dm5EgnUnLbYW1VOhQ_w==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 50A7 121 KB
40 KB 98ms
49ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Dec 2022 15:07:00 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 50A7 2 KB
3 KB 39ms
37ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: ZUhTDu8MrO46d7s4TpJxJss969H3z6DdNNgT_7w3O6WA4FxpIOVyOg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 50A7 4 KB
5 KB 55ms
53ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 38
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: -9Y5XN4SqW_Nx0tzWrl9QDYvnZ9nsImslgUW-cnnOy1mavalyopUig==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 50A7 3 KB
3 KB 55ms
54ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: ZfQTFVgLY6MWN1D32sKZiTW_jgKmMyy6VBkPZ_9___AX6ZFbB1iXSw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 50A7 6 KB
7 KB 57ms
56ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1b32ac68941e60bacfe0ab1c5eab749868a0278495eaf50a17da2c95b8f3e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: OsKd1EEmixEwNImqE_Ez2qHyKZ95G9Ob
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 08:02:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 52
etag: "dfd6bf39aeff48b2d3414a18a5a4d36e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: eogGpSIZ1oW_-0IZcbKxUrwfkE7KkTyO1RwdxAt6fuxJ6sc_M6QP5g==

GET
H2 200 prebid_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 50A7 3 KB
4 KB 58ms
57ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/prebid_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 389b91144853a1a80fad740f12a1404d1643762544449957f4f3f83a0dae6407

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: FYGexi3MgMd3Tp0dXQOYmVyXAUdSSAgT
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Thu, 29 Dec 2022 03:00:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 25
etag: "7753ff9974b2c2ef1e17c8d4794535cf"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3396
x-amz-cf-id: -UdPx1Ae6F2__uDVOndcyf0kPYT5wDrnWbOVwqETV_X_9LOuaZcnrQ==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame A638 0
170 B 542ms
177ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:00 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A638
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=Bc2btXjeAVmgHtePFa2tYw

2 B
19 B

333ms
280ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=Bc2btXjeAVmgHtePFa2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:01 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=Bc2btXjeAVmgHtePFa2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 93B5 0
170 B 537ms
176ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:00 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 93B5
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=Du71vSUDAKa3rHwaFq2tYw

2 B
19 B

287ms
287ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=Du71vSUDAKa3rHwaFq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:02 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=Du71vSUDAKa3rHwaFq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 93B5
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=JAawvSMrB2KFgrCFFq2tYw

2 B
19 B

286ms
285ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=JAawvSMrB2KFgrCFFq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:02 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=JAawvSMrB2KFgrCFFq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 93B5
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=RnQ27-73C6C4NBJPFq2tYw

2 B
19 B

296ms
296ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=RnQ27-73C6C4NBJPFq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:02 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=RnQ27-73C6C4NBJPFq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 JZyaxFmgdUX.css
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ Frame DA83 19 KB
5 KB 107ms
39ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/JZyaxFmgdUX.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d33e7a8a23c1fc4d5387ac8f94f3d23f32150ea835e6b782d5c49c504e9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TY+M0GQ1evujbIhmaRyGvg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4973
x-fb-rlafr: 0
x-fb-debug: Ha5fAJyjQz7Tqx2RwMBLPPXNqZvPuEpJNbaZiK7VCStK2lwueMC7Vb/Rkdj4uvpkwKhfcVrFlNLqTMRmaBQo/w==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 19:19:28 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame DA83 2 KB
1 KB 102ms
34ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: hGJFGWeWZqdqXgT35aAKO8vmBWBrD1WdMlmKwOgejuoGKcAaj3hg0Mp/umptpS+SJd1g3Abx5hztTCSkr62YKQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 15 Dec 2023 15:27:28 GMT

GET
H2 200 5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame DA83 33 KB
6 KB 106ms
38ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fl5R7gBdn+7q3joF/eO71w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6398
x-fb-rlafr: 0
x-fb-debug: Mf8TgPHjwljDYtIIBtjqLC1eEFL6fITr+BRd5CuHWp7Gy7JtrRNQ12IpTwngjZ1bZkXpedV6nrx9ZcN1d2uDQA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Dec 2023 16:02:08 GMT

POST
H/1.1 200
OK prebid.json Show response
prebid.cht.hinet.net/api/v1/request/ Frame 93B5 2 B
498 B 773ms
234ms XHR
application/json 203.75.213.62
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid.cht.hinet.net/api/v1/request/prebid.json

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/prebid_mainV3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 29 Dec 2022 15:07:01 GMT
Strict-Transport-Security: max-age=0
Server: nginx/1.21.1
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK prebid.json Show response
prebid.cht.hinet.net/api/v1/request/ Frame 93B5 2 B
498 B 799ms
245ms XHR
application/json 203.75.213.62
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid.cht.hinet.net/api/v1/request/prebid.json

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/prebid_mainV3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 29 Dec 2022 15:07:01 GMT
Strict-Transport-Security: max-age=0
Server: nginx/1.21.1
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 93B5 0
27 B 762ms
259ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.59163026925996
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 93B5 0
27 B 761ms
259ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.2214905393581048
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 93B5
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=SzhF8S7_CWOZAAusFq2tYw

2 B
19 B

284ms
284ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=SzhF8S7_CWOZAAusFq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:02 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=SzhF8S7_CWOZAAusFq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 50A7 0
171 B 487ms
176ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:00 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 50A7 0
159 B 759ms
258ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.1523807239384587
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 50A7
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=1EcBfsL1DHmVu9AzFq2tYw

2 B
19 B

289ms
289ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=1EcBfsL1DHmVu9AzFq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:02 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=1EcBfsL1DHmVu9AzFq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 50A7
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw

2 B
19 B

286ms
286ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:02 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid.json Show response
prebid.cht.hinet.net/api/v1/request/ Frame 50A7 2 B
498 B 825ms
254ms XHR
application/json 203.75.213.62
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid.cht.hinet.net/api/v1/request/prebid.json

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/prebid_mainV3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 29 Dec 2022 15:07:01 GMT
Strict-Transport-Security: max-age=0
Server: nginx/1.21.1
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2 200 w2P8R1pWsSd.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/ Frame DA83 18 KB
5 KB 82ms
34ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/w2P8R1pWsSd.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18bde83594a1ac0625022ccd5b99af4d2b17f989aef1ede4016a1349af84b992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YfXCH7F+rwEGe/pyHhwUlQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4784
x-fb-rlafr: 0
x-fb-debug: CqbUfKsEf+hL9rJ7HusfvuWodCzJoXRpMyK+0TA9a/xlN625FQgaulvTZVfDSINNfxJ4XCYL6PYWLz+A8pzxgg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 19:20:24 GMT

GET
H2 200 Qzn2RIyQjXT.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame DA83 305 KB
81 KB 88ms
39ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08bd4dabba430e39f74aa9770bfafa097db6326d0d5593e841d7f2d4a801dad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KrVT92UrAudZwVhYX85qpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 82832
x-fb-rlafr: 0
x-fb-debug: CmoUJDXXNefV3Q4eBKyKjMuBf1L3D+UWNAUEmOmKUXGknwv1+cZvzF0j+pHr7kcC5+7/VVvPr2rSFcllvt4Ilg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Dec 2023 20:05:54 GMT

GET
H2 200 8LoDHCcRMmF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame DA83 38 KB
12 KB 88ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12334
x-fb-rlafr: 0
x-fb-debug: HgQe1kFIPVWoMR/ddokq+u2Fs79VYiM0U8uLy7HY7eTitsP151iYhqTsBPjg2JbZBVemYfNfEDk+qqD9izThIw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Dec 2023 13:29:04 GMT

GET
H2 200 bPhRbIw5d4Y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame DA83 51 KB
16 KB 154ms
106ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16232
x-fb-rlafr: 0
x-fb-debug: +EkNuky58kfhUUrwb8YQ88PTFDcK5Ckh0Gd16CcMyJSJtSBAij3i1yVLLLHdco1XmvYdb+UtxxsOspDMHV7rAQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 21 Dec 2023 16:16:46 GMT

GET
H2 200 0cKQbVrk19s.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame DA83 18 KB
6 KB 162ms
115ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/0cKQbVrk19s.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42319f941cd9da4e2937e856dbb573f3fa9fb05e6784a5fb3761f7b8c91ac724

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q8AcXLnh9lqBhL0/oorl3w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6166
x-fb-rlafr: 0
x-fb-debug: tzLlLQEsc2Ryk19RXrTzf9M3Geiuw/ZVT4zswPdoaSyHudCctOxEoSWMW6w7zcTY1QL5dkWX2rVhxYIKNPIXxQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 16 Dec 2023 16:24:39 GMT

GET
H2 200 roLd2lgDwFd.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame DA83 25 KB
8 KB 154ms
107ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/roLd2lgDwFd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d604a45ee42c0e5018298e6c8ef96bbaa5cfab2781f4ff324eb088c45ab02526

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tPH/GJw3/iK0U/qYlDPIiA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8476
x-fb-rlafr: 0
x-fb-debug: WeeH2vLLG1tj0VyWvYZsPdoQwZMNWuGE7tIE79huYrgMjpcv4w0YyQBkKqTeftIkFp9nRRleexEnatAgBa5YHg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Dec 2023 15:19:32 GMT

GET
H2 200 PlsnJC666Fj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame DA83 22 KB
7 KB 154ms
107ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97e2c43cec6a899062fa577fa6ea91618ffdcd2d3d335ad82568fc5357ecee31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hVuam4DUwYYlPrpODRSxjQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6772
x-fb-rlafr: 0
x-fb-debug: Iug0zhX0rbygAoJKMNTaOv4Jue/Nd5IqJfUDO5cNTx1578Bk/8RDjMsFkrV0LneKfs8PMDdFIzUObTCd4LI6Qg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Dec 2023 09:46:44 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame DA83 507 B
485 B 158ms
111ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: KD2gZV48bOYu3N/hqTeisqWoOZ7UJyEPptGARisN8FmcxSQ7zhFOTyblhaC/E2wi0lt+Y1wnJrcIRRo8QGyNZQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 15 Dec 2023 16:54:48 GMT

GET
H2 200 h-L8FQ7MyJY.js Show response
static.xx.fbcdn.net/rsrc.php/v3ioBv4/yZ/l/nl_NL/ Frame DA83 25 KB
7 KB 162ms
115ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ioBv4/yZ/l/nl_NL/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e50f293387564c263be501922cbc3241720dd251b9dd876bcbd10f9c27b6189

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: z/8XPEtELS9VZNkauDtcWg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7101
x-fb-rlafr: 0
x-fb-debug: egUiPE4CflV92WqrtohjqHIpHYzLEXzX7TBwhzuJ3+CwRSMGU/9tVb7NSSTfWdC92LAZE/++hlB9Ds8w7KoRoQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Dec 2023 01:40:35 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame DA83 5 KB
2 KB 85ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: k24In7YtTC0lTM11wv8/vTZm/viWziNGFz4sXJP5NUjf+Amq/3sC1CllBaUpTnGKDRv6U+wHn24BKU1e/AFBtw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Dec 2023 01:35:30 GMT

GET
H2 200 ACK0uX4zgFf.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2tE4/yw/l/nl_NL/ Frame DA83 84 KB
23 KB 161ms
116ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2tE4/yw/l/nl_NL/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2cd3dd86a10bed2c8cbfd3ddf70c234670f352fb4490599b152385509a1da420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sOCW3Aac3zEcoFhrldlUZw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23535
x-fb-rlafr: 0
x-fb-debug: 3tC+rXenUCoV+4ky/CvvYhhLCK4FV1Qb4silbHq8JQ1zopaxluUKiarOJesgU/KIp7A5ZQtDj8MIeq1aV1Cqsg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Dec 2023 20:31:13 GMT

GET
H2 200 7Nmln25n6YE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame DA83 22 KB
7 KB 85ms
39ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fLiXl86iqEuUjfrlPQyQ1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7199
x-fb-rlafr: 0
x-fb-debug: DX0Boq+QGfxct2bY2+lJiqvIhlE3sj6yj71qIFSLYbkaS6nYa4LEugFbjuJ7dIOoRtOh3EfaAWaizvIijtw1sQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 19:58:06 GMT

GET
H2 200 9fMM4A3C7jT.js Show response
static.xx.fbcdn.net/rsrc.php/v3iHcB4/yv/l/nl_NL/ Frame DA83 335 KB
78 KB 160ms
115ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iHcB4/yv/l/nl_NL/9fMM4A3C7jT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c14bf9e053b0b1a11a226f181bd3e533edf602b1a07199a51d6bd19bfdc6326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CfXwYiCEnnhIIN7KwUIPRQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79937
x-fb-rlafr: 0
x-fb-debug: AlBI9WcduvwqsVy2duYAI2sr7UVVd35mOIvhhhqxfOxL4Fq36ZQT/YShnJP1lawn6a5t+LWxAd6lTUkOTQtGjg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 15 Dec 2023 17:53:04 GMT

GET
H2 200 e1jyP5qyt3T.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLmk4/ye/l/nl_NL/ Frame DA83 424 KB
99 KB 161ms
116ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLmk4/ye/l/nl_NL/e1jyP5qyt3T.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86f50126ec8550b0e0fee6731eee0dac01dcf47ee6fb41f15fbe50a73481e6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ffh3ey4kCh93CNOL8KuQ0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 101436
x-fb-rlafr: 0
x-fb-debug: 9Q/SPmuB2PotMulNA/kYs48kj+K0LfVURrqyyymEDSzDtFAbHS7xI1L2umIArMPat26w18TKD3gu5LOSqkAVOw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 15 Dec 2023 17:53:04 GMT

GET
H2 200 O-20ODj3dPM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame DA83 17 KB
6 KB 157ms
112ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/O-20ODj3dPM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60b60e33276403903eb7698874db345fd8b8cc458137803ea5a992ee1b76e47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4bd5tExZaGGDVNP02k9ZcQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6065
x-fb-rlafr: 0
x-fb-debug: G6l+WrzUvWbYtq0nL9BLv551OwwdB5VIPc8BSGjzRNo2YiR+G63Ehi+2gSAMDvyCgwRDhkKhUx5m0ILVStWWVg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 19:17:32 GMT

GET
H2 200 C8hbKUiuCgi.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame DA83 11 KB
4 KB 159ms
114ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/C8hbKUiuCgi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb7f6e1486453d58409d542e4822f5d950eea4a9465ba9fead09fcb2c8ebdae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: j8waFmx0KszZbUVlzw+m+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3575
x-fb-rlafr: 0
x-fb-debug: X5Y9LEWZab61XqM9qDNhTVpRzSwdPzmMTI98wsm0kL7QAeM++g9mQAjr/FSs0x3fxEtk72/w+hDA1GDmNTO42A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 15 Dec 2023 16:15:34 GMT

GET
H2 200 2f61oWyjOj5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame DA83 14 KB
5 KB 156ms
111ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f6a6fda1fdc0a8a8ba1494660498fd978611bf1046409dd648cb7829716f5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LzvT9doqy1WCjF3O/eiidA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5358
x-fb-rlafr: 0
x-fb-debug: Augj4t7Ls9R7jzb0rnYlXGBp18hN8XjDQLc3bfXzvEOCVR57ePucfF0Fpeoux8a1Hm/grLpAjKR/Hx6NU8Oghw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Dec 2023 19:18:46 GMT

GET
H2 200 -UiReSjdfva.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame DA83 896 B
585 B 156ms
111ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/-UiReSjdfva.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bfaad9ea52eb81c6c2d16774a2800c33a170e8790f449f04e14630bf5796960

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CYSkyKSmzRWXTIWFtwAzrQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 390
x-fb-rlafr: 0
x-fb-debug: 9yP63i/ph8FHLM2kwWx/5Mst8Ffm5aTY3rAhJiRF4XpEPxSWjCmZeOpsSAdvnJGDq+TjWhfZRzCDRIYEj+TtLQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:11:41 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame DA83 55 KB
15 KB 159ms
115ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: ezfLKHRadM1/DAuQlX4T0jzdhpj/8Qc3QDt6EhydVbu3ZqMGnEMiqYnn6CuPK/BTktnObeDZIVQqutAHptcmQw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 24 Dec 2023 15:52:06 GMT

GET
H2 200 269546106_682875953118913_5806549178849375890_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame DA83 18 KB
18 KB 35ms
34ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/269546106_682875953118913_5806549178849375890_n.jpg?stp=dst-jpg_s350x350&_nc_cat=106&ccb=1-7&_nc_sid=dd9801&_nc_ohc=rc89i7cGnewAX-BWq7_&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfDmKbV5Rbma_v3l9jDrK2MHEYxmk0xdcn09p73BYpOVuw&oe=63B33ACC
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 571da35bdddda7ec4fccd594181c04e2c5db4285be67907abea45daad789ebf7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-haystack-needlechecksum: 2787905246
date: Thu, 29 Dec 2022 15:07:00 GMT
x-fb-trip-id: 917726464
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 24 Dec 2021 06:59:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3014635661
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 250743086
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 18831

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame DA83 1 KB
2 KB 33ms
32ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=lldV06Va-W0AX91-dQ1&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfCfZTV1H8RSkU9fOIp7aHbVxB9seGVh5yDjI1fJbi9rnA&oe=63B369D5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-haystack-needlechecksum: 760809244
date: Thu, 29 Dec 2022 15:07:00 GMT
x-fb-trip-id: 917726464
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 50A7 177 B
426 B 294ms
39ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=40608053544

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b855519c41df12dd59dbb1cdcc7fc09a2cc55a4e4737ca510cd38fb8dffc43ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 164

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 93B5 177 B
426 B 246ms
35ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=20670438366

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fe1f19d5e575f15242f91fff59b0b3be586a586e2ac8ea192bafce4e4850eaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 163

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 93B5 177 B
425 B 253ms
43ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=86179301634

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fa3468ea422c09f79d2e84cea9903ca17acb7f9bb27fda0de35129893e55f6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Dec 2022 15:06:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 163

GET
H2 200 1672308694-98fde3436dd407b3e2a0ba518ec8ec86-840x525.jpg
img.gbyhn.com.tw/2022/12/ 96 KB
96 KB 644ms
35ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2022/12/1672308694-98fde3436dd407b3e2a0ba518ec8ec86-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67c92403e57e7d689d10f3e6ede0781b6a106aa3e698470bf591d71da9aec75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14176
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 97927
last-modified: Thu, 29 Dec 2022 10:11:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdRGjY5hizhUmGTT2NQXcd9j%2BqMEFPDJpV9OCMfg4elVtGcwseGbCfYZszO0lVco%2Bhrksf08Qo8wop6O1qdHgh5AVxF0VJxLtcP1ZQeUWGgXj6QgHzm3BswmG5V3vrRJ6OK%2FnpOPjm7L8jmc4NxE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 781371648a860a4c-AMS
expires: Thu, 05 Jan 2023 10:26:14 GMT

GET
H2 200 %E5%B9%A3%E5%AE%89LOGO.jpg
blog.alphaloan.co/wp-content/uploads/2022/12/ 19 KB
19 KB 436ms
278ms Image
image/jpeg 192.0.78.236
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2022/12/%E5%B9%A3%E5%AE%89LOGO.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ceb3e134330633f08e1a0cf4219b6dbc47e4acf59e0a49d0e47ff96182e89d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
last-modified: Wed, 28 Dec 2022 13:01:07 GMT
server: nginx
etag: "63ac3e13-4c4c"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 19532
expires: Thu, 05 Jan 2023 15:07:00 GMT

GET
H2 200 img_1627-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/12/ 432 KB
433 KB 113ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2022/12/img_1627-scaled.jpg?fit=2560%2C1920&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7083ce4852a7799cf8b96dbb510285ae1648f7e18eef47437035924a16a13f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Thu, 29 Dec 2022 15:07:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Dec 2022 09:06:03 GMT
server: nginx
etag: "ba86ea47f4b9c98c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2022/12/img_1627-scaled.jpg>; rel="canonical"
content-length: 442124
expires: Sat, 28 Dec 2024 21:06:03 GMT

GET
H2 200 2022032302510635.jpg
img.racingcharger.tw/wp-content/uploads/ 117 KB
117 KB 265ms
40ms Image
image/jpeg 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2022032302510635.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca08fdaefe17d482d397a2c05ed26612b4b4092411100248ec61f5b32623bac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 02:51:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 21334
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FZYKjTEv%2FI2JEun%2BFIv25o%2FN85iqLTvINNRz%2BKsJAwmYnCncpNJ10uectmfMVE1olgdPbjYXlObuePWZ5eBsLzHKJAaaOyhkNzEcBVLjdbrFSKulZOvJF3h2wIveqGUeTzjlpgmzLgY9bxoMCFdL5f9HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 781371621da51b07-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 119356

GET
H2 200 %E8%81%AF%E9%82%A6%E5%90%89%E9%B6%B4%E5%8D%A1%EF%BC%8C%E6%97%A5%E6%9C%AC%E6%B6%88%E8%B2%BB%E6%9C%80%E9%AB%98-5-%E5%9B%9E%E9%A5%8B-1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2022/07/ 55 KB
56 KB 937ms
322ms Image
image/webp 192.0.78.244
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2022/07/%E8%81%AF%E9%82%A6%E5%90%89%E9%B6%B4%E5%8D%A1%EF%BC%8C%E6%97%A5%E6%9C%AC%E6%B6%88%E8%B2%BB%E6%9C%80%E9%AB%98-5-%E5%9B%9E%E9%A5%8B-1-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f5efe2c9976adff2b5ac0fd36185e5fd53b03f2662bd7c8f8592bbb49ea78dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 5.ams _atomic_ams BYPASS
content-length: 56556
x-nc: HIT bur 1
last-modified: Thu, 28 Jul 2022 04:57:35 GMT
server: nginx
etag: "6cfa8b61f3d24759"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sat, 27 Jul 2024 16:57:35 GMT

GET
H2 200 China_Internet_Development_Foundation_Logo.jpg
mma.prnasia.com/media2/1747128/ 22 KB
22 KB 129ms
52ms Image
image/jpeg 2606:4700::6810:fc04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1747128/China_Internet_Development_Foundation_Logo.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6adeab38deea553cfa8b1475105f346f34f7377789ebf2735c19702689f19d97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
cf-cache-status: HIT
age: 14456
x-powered-by: ASP.NET
server-timing: intid;desc=ca83b74d6ee4ef8d
content-length: 22089
cf-bgj: h2pri
last-modified: Thu, 29 Dec 2022 11:03:12 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 781371613dc60a7b-AMS
access-control-allow-headers: Content-Type
expires: Thu, 29 Dec 2022 11:03:13 GMT

GET
H2 200 %E5%A4%A7%E6%9D%AF%E5%8F%AF%E6%A8%82%E5%B0%81%E9%9D%A2-2-1-750x375.jpg
www.rayskyinvest.com/wp-content/uploads/2022/12/ 39 KB
39 KB 477ms
61ms Image
image/jpeg 35.197.227.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2022/12/%E5%A4%A7%E6%9D%AF%E5%8F%AF%E6%A8%82%E5%B0%81%E9%9D%A2-2-1-750x375.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.197.227.153 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.227.197.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3b4403121cd7f1e22c72999fb10c655254a89ca81febd0ced8a9c42b054bd8e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Thu, 29 Dec 2022 15:07:01 GMT
expires: Tue, 26 Dec 2023 19:33:22 GMT
last-modified: Mon, 12 Dec 2022 16:03:58 GMT
server: nginx
etag: "639750ee-9a8c"
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 39564
x-cdn-c: static
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_17598fe2b9f24f218e4aadcf3648f936~mv2.png/v1/fit/w_1000,h_720,al_c,q_80/ 2 MB
2 MB 108ms
30ms Image
image/png 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_17598fe2b9f24f218e4aadcf3648f936~mv2.png/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: f6d5fa3bc05476a7bb9894788535fae58701600e82c3b7ec846943daeca25530

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 16:17:33 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 341367
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1649061
wix-tracer: 2JPgIhJcpAoW4qLmUFtQBc8NyZB
x-seen-by: image-manipulator-77c4b7b444-s5vmp

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 443A 108 B
504 B 46ms
46ms XHR
application/json 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5f901005b7498892afa018a6777f8df63bb4bb67a7658abc3f78bb8f6941841d

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Dec 2022 15:02:33 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Wed, 28 Dec 2022 19:15:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 270
etag: "63ac95b8-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: wO2lsD1ag4mK6_Q5-hHLnoszqHKM8lcQ-Kd430sqNOngtvCIpZUn8A==
expires: Thu, 29 Dec 2022 18:02:30 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 3493 108 B
496 B 42ms
42ms XHR
application/json 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5f901005b7498892afa018a6777f8df63bb4bb67a7658abc3f78bb8f6941841d

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Dec 2022 15:02:33 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Wed, 28 Dec 2022 19:15:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 270
etag: "63ac95b8-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: _PLdLebf5RuCwj2SAOXYYOW3DESis47wnGgtvhiF3z_z4nsCeA1pgw==
expires: Thu, 29 Dec 2022 18:02:30 GMT

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 443A 3 KB
1 KB 665ms
284ms XHR
text/html 52.196.193.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1672326420559&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.193.254 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-193-254.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 341a2ff921508a96f44c4dd3b43440a85959be50a757c6863408ef81c18e65b9

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Thu, 29 Dec 2022 15:07:01 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 443A 0
215 B 199ms
56ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=95118355038

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 443A 0
176 B 527ms
132ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=da96bd60-8d67-4060-8dda-63a666c6ecee&u=https%3A%2F%2Freurl.cc%2FqZ40Kn&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=52f8baa5-208f-43d4-a8fb-bcda16a2e613&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Thu, 29 Dec 2022 15:07:00 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 443A 0
27 B 790ms
449ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8459779001605681
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 443A 0
176 B 499ms
350ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Thu, 29 Dec 2022 15:07:01 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame A638 5 KB
3 KB 248ms
231ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 29 Dec 2022 15:17:00 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame B040 5 KB
3 KB 247ms
231ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 29 Dec 2022 15:17:00 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 93B5 5 KB
3 KB 471ms
456ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 29 Dec 2022 15:17:00 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 50A7 5 KB
3 KB 465ms
455ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 29 Dec 2022 15:17:00 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3493 0
176 B 476ms
350ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Thu, 29 Dec 2022 15:07:01 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 3493 0
176 B 497ms
128ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=da96bd60-8d67-4060-8dda-63a666c6ecee&u=https%3A%2F%2Freurl.cc%2FqZ40Kn&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=03c9ddd6-6145-404b-a11d-2b4a55324d89&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Thu, 29 Dec 2022 15:07:00 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 3493 0
219 B 627ms
277ms XHR
text/html 52.196.193.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1672326420570&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.193.254 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-193-254.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Thu, 29 Dec 2022 15:07:01 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3493 0
215 B 169ms
57ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=39521270219

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 3493 0
44 B 762ms
448ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4047912578377051
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame DA83 573 B
628 B 37ms
36ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/JZyaxFmgdUX.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/JZyaxFmgdUX.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: mDbrbbZp31KHstiZwAAxbfDKE0jZBN9rr77mMEf70GvUpLyFWBAbG+QI/KGFxMgIgKCc5D6ettBKknIwzbaKjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 25 Dec 2023 06:45:34 GMT

GET
H3 200 VasG165Eq9J.js Show response
static.xx.fbcdn.net/rsrc.php/v3iD1j4/yH/l/nl_NL/ Frame DA83 182 KB
53 KB 82ms
36ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iD1j4/yH/l/nl_NL/VasG165Eq9J.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

872fbc4a5df7cc6d142c84b3a5d728119b40b7b35806388adc51c0c565dfc682

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cl6fshht0CJaSspFvvElpg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54307
x-fb-rlafr: 0
x-fb-debug: 2nR4XN3dOKW2ZSOQJa96/OI1B30kuuBOBj54Ey1XvPGt3kf1RHc/mSSUNDl9hwlS5nSz6hJLhMvBbhRqHLt5/g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 19:36:28 GMT

GET
H3 200 smKzmPnmZ-7.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame DA83 344 KB
75 KB 80ms
35ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/smKzmPnmZ-7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ecfb75e22f818b951efebc894f3071187a0982c2921f7f5f894b9b5e8ca4351d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wIWh/Q7I0WCml2pvdS8nmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76790
x-fb-rlafr: 0
x-fb-debug: kX2sql/US5vhB3KPyvU8xkxKU9O36BppRghH9NVOaLWQHJie6LiPADg0a+OnSv2E/CLRA/e9HSvpdj66OYw4DA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 20:10:25 GMT

GET
H3 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame DA83 840 B
410 B 81ms
36ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: X2ijW3bVxe7pTf7rdP1YL38WnTqCpGITJQlryvmhqKZ6FMEPvQFkcv4PRtfqF04uFuBjsQUcfiCtEtNc0FY/cA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Dec 2023 03:04:17 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 93B5 0
209 B 34ms
33ms Ping
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:06:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame 50A7 0
209 B 34ms
34ms Ping
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame 93B5 0
209 B 38ms
38ms Ping
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:07:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
402 B 228ms
228ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

275a99b4824087581bc2e38dde8d940b6617b0cde76ac6b304999602fceb810b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame B040 37 B
401 B 238ms
230ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dd0711a88a80fb18fd41a44c0ab57612e2e5291b9785fd487535fc179150e2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame A638 37 B
402 B 235ms
229ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4c3f492cf836384f71365a96245f91f1f759eccc55459fd0cd27e553610f9ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 4F33 37 B
408 B 235ms
231ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1b5b366aef37ff6657c0221ad14c1be77ec87c03fe1a1afa541c2093e05ccfbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame DA83 907 B
560 B 182ms
147ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i2tE4/yw/l/nl_NL/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ba002cdd5d6c9f704cfa76d774e7d2d50c4e7b9ec1d7247ad11268e91025e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: BvpfiIp56VEiqLNSOn0Xsv
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 15:07:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: uLvXSD95rPHSHQbcybMjoh+uBV0qszqDUiGPz9zEeNjzV7/ylUR9YcVzDETWxi5YcnDm42j8o3w9LV+5YWBXLA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame DA83 0
0

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame DA83 907 B
553 B 177ms
150ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i2tE4/yw/l/nl_NL/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7ade59c5479aef85eb7908a254a6ce8a0554962f240e83d4e92ea07733f177a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: BvpfiIp56VEiqLNSOn0Xsv
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 15:07:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: jYZ3XYOVpF2UoK8rql80NJNClBPBEcY3ZDk5Nw2F9HBTgF0b6bHK8KAgX64UWCFGOIDgZNuviJIST6VJv39mEg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame DA83 12 KB
12 KB 34ms
33ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: wLurXhVDB9nEbz2tfSLFwGN363hXKtsTTEaGpu2I90s46tVcFsPJsJs7F0Cy5HDGl8vPreCp9LD7cCd1oDsI9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Dec 2023 21:43:53 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame DA83 1 KB
1 KB 34ms
34ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/JZyaxFmgdUX.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/JZyaxFmgdUX.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: OD/47Z6CbV+GcOqGQAY1fs/ZrQQO0C2X/7as5qI8UhNfgksRs4VLxY7az5ym8KAgUmYT/MFDYtL6u9TbulOIgw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Dec 2023 07:08:43 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 50A7 37 B
402 B 228ms
228ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

516f98bd391d1736604bafabfc9b690637ad69aedeb6a9ce62f2138d40c43b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 93B5 37 B
401 B 229ms
228ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e1a83eea95ed624c95feaeed2c32ed29a586b47db333ee6d7f92cc2342a68dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame DA83 198 B
251 B 37ms
37ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: 4pWhAOr+AqJ/x8Lvcikv6awv3IcyQ1Cdpgrvofnbc1+kv8G9kzvyGZRwPBrQpTS1yzSXFd3iQ/hLM1qmx3PC4A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Mon, 25 Dec 2023 04:20:34 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 229ms
229ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=77782381-65c7-46c9-99c3-0831e89b8f3b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET /
www.facebook.com/login/ Frame DA83 0
0

GET
H3 200 /
www.facebook.com/login/ Frame DA83 0
0 222ms
222ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 29 Dec 2022 15:07:01 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: fA0G4c6uu/usg8xbkmM3fvUS1BlZpZPA9oUmrIaSA6qBEiqn3nzMq5CLZeU8QheMEW8UdQHGVewrmZIuW50KAg==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 50A7 10 KB
10 KB 40ms
40ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FqZ40Kn&n=182&o=1&d=1&b=2&ts=1&ii=3&FPCK=4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:07:01 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 10
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: Y-GHuI_Jpc9S8H6IpXIjBPXqeaUgtG6sDB4jJMtWtY228V0XvX_jSg==

GET
H2 200 adsbyscupio.js Show response
img.scupio.com/js/ Frame 8BC5 4 KB
2 KB 44ms
44ms Script
application/javascript 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:03:41 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:30:31 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 203
etag: W/"607cf957-11ab"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: O8eoUBTrBXpgp9W8AJhAAZtYjZP9SGUHYQtFe4k0ZKjT_Qx-ksG2Qw==
expires: Thu, 29 Dec 2022 18:03:38 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 3493 2 KB
2 KB 1188ms
239ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.4461953076872529
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 945d55b8a31854bc8a79f65f29ed73240196ee90a5ef309d4768be02d885bcd0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 29 Dec 2022 15:07:01 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1478

GET
H2 200 adsbyscupio.js Show response
img.scupio.com/js/ Frame B116 4 KB
2 KB 43ms
43ms Script
application/javascript 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:03:41 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:30:31 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 203
etag: W/"607cf957-11ab"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: _wEGdSSKXx74Kup3-Clz_IYicDopDNQNnavPRUC12uXrVcYjKjtJqw==
expires: Thu, 29 Dec 2022 18:03:38 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 443A 3 KB
3 KB 1238ms
250ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.35881999739711445
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1021a963cfc952ef8008a6fe86bd144cb8386a5c96e20002cf9539fa51ced0bb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 29 Dec 2022 15:07:01 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1624

GET
DATA 200
OK truncated
/ Frame 443A 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3493 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 230ms
229ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=77782381-65c7-46c9-99c3-0831e89b8f3b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net/ 0
79 B 747ms
227ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net/pixel?bd=77782381-65c7-46c9-99c3-0831e89b8f3b&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 970x250.png
img.scupio.com/img/2011_gym/ Frame 8BC5 86 KB
86 KB 60ms
60ms Image
image/png 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/img/2011_gym/970x250.png
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 14:45:09 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:31:40 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 1312
etag: "607cf99c-156c7"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87751
x-amz-cf-id: qym59DtJ0U4zRtqkS0ZRGCEXX-_xMkHip4jiXUC3BsC6xOELSgabFA==
expires: Fri, 29 Dec 2023 14:45:09 GMT

GET
H2 200 300x250.png
img.scupio.com/img/2011_gym/ Frame B116 47 KB
48 KB 82ms
82ms Image
image/png 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/img/2011_gym/300x250.png
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:31:40 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 56
etag: "607cf99c-bcf6"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48374
x-amz-cf-id: En40xgomU71xfDR3NuXpAtJVRZVW-L0-J94gaAUtCRDgIckX7jPhfA==
expires: Fri, 29 Dec 2023 15:06:05 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame A638 10 KB
10 KB 33ms
33ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FqZ40Kn&n=519&o=1&d=1&b=2&ts=1&ii=3&FPCK=4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:07:01 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 10
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: G2WrH2TIiw9KNd5TWrH5SBXwqmuwoj9c_Cd8OM1AaBNtrPj9hOe2PA==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 50A7 0
187 B 233ms
232ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=5540-abc9mAzY8Rbgg4LCSMfJE95SGYtUcRr1&mp=77782381-65c7-46c9-99c3-0831e89b8f3b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net/ Frame 50A7 0
79 B 586ms
228ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net/pixel?bd=77782381-65c7-46c9-99c3-0831e89b8f3b&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 pixel
77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net/ Frame 93B5 0
79 B 585ms
227ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net/pixel?bd=77782381-65c7-46c9-99c3-0831e89b8f3b&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 93B5 0
187 B 229ms
229ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=5540-abc9mAzY8Rbgg4LCSMfJE95SGYtUcRr1&mp=77782381-65c7-46c9-99c3-0831e89b8f3b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame CCEB 99 KB
34 KB 224ms
81ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71c7f4b1cffa2a198205040fe1a997c5a89aea0a9be0cb2bf247c4a0759b9b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34210
x-xss-protection: 0
server: cafe
etag: 12017168599632688609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 15:07:02 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame E606 6 KB
7 KB 32ms
32ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Thu, 29 Dec 2022 15:06:31 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 47
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: boeUybPmIvdbLwytA1WGCLUmSEmlSwaMJisfQrHhbPLv-DMEwcGjyg==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ Frame CCEB 356 KB
117 KB 168ms
102ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31071250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a59554af95924e6774c0cfdccece993bbb0c88ef337d4d035ea4b5f6ff40af75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120012
x-xss-protection: 0
server: cafe
etag: 1780416415226393372
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 15:07:02 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 443A 87 KB
28 KB 29ms
29ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Dec 2022 15:07:02 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 6ED4 5 KB
5 KB 33ms
33ms Document
text/html 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 18
content-length: 4730
content-type: text/html
date: Thu, 29 Dec 2022 15:06:54 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-id: sMoGDpb0LNNd8DtMJ-5wFvXuf-vS-oWXbsciwcFjHkACgp-QLty6xw==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame E606 662 B
1004 B 33ms
32ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:54 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 15
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: rJVnGtVX73Pj1iQUbZBvfqfGT9HGiDik5rcq_agsasrxFwTY2Lqjlg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 84E3 9 KB
10 KB 33ms
33ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f13d5cccdee5742a69ce1d727428ae1e3064434cde08d1f18e03ba2c80621e85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: nu3Q4FExJPU4AxPv2qvAu17GSCRePZwj
date: Thu, 29 Dec 2022 15:07:00 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 03:56:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 58
etag: "c1c5e1f8e39229c17de1058941ef4aea"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9724
x-amz-cf-id: 8QOMb_9z0xju0vG1pzjMp80H93LTb_Yc5a7Tr6le1j57Co9soKbtGQ==

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 3493 87 KB
28 KB 28ms
28ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Dec 2022 15:07:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1CE9 15 KB
6 KB 83ms
30ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 15:07:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 973702
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 443A 89 KB
29 KB 126ms
75ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Dec 2022 15:07:02 GMT

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 2B3B 95 B
241 B 3123ms
3121ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Thu, 29 Dec 2022 15:07:05 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 6ED4 5 KB
3 KB 228ms
226ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 29 Dec 2022 15:17:02 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame 6ED4 0
15 B 474ms
472ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 6ED4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&uu_m=undefined&google_gid=CAESEKOi9uAQOb4VGL6fewPEo-w&google_cver=1

0
467 B

1032ms
960ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&uu_m=undefined&google_gid=CAESEKOi9uAQOb4VGL6fewPEo-w&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
x-guploader-uploadid: ADPycdtMh6bsa2XL9XOGH026CHHQrsbmk7JMRVdSUQnmWArjttSZEy3LH3hqPYwlzJEGkOkuSPinXW9EhVL3Edz9IS9pfQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Thu, 29 Dec 2022 16:07:03 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&uu_m=undefined&google_gid=CAESEKOi9uAQOb4VGL6fewPEo-w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 84E3 1 KB
749 B 489ms
488ms Script
text/html 2600:9000:2057:8c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c35a02e424f2c1e7cee1c4613c9926402cf204cb139bb68313306892639857fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: IPA0RRGTAUQJc8nFVWOMBP0D3RyDxiP26S3SN1GmqgxzOkOSB6wGcw==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 598B 15 KB
6 KB 63ms
27ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 15:07:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 870977
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3493 89 KB
29 KB 84ms
50ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Dec 2022 15:07:02 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 598B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=XRKKy3x0N0llVXNhOUlGOFpKZUdNVGxkWW12TVhGbktBRkN6WHFRbUV3c0J1MTZiei9mN1BDSHMzVXEzUmg2aGRKcG1UNjZUU29VbHpsODlYZEJ5QXVNMmEvTEhSUnpFT0VaUkJJSVgxc3E5ZnFNSXYyOGJaL3RZME5wY2...

425 B
649 B

91ms
29ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XRKKy3x0N0llVXNhOUlGOFpKZUdNVGxkWW12TVhGbktBRkN6WHFRbUV3c0J1MTZiei9mN1BDSHMzVXEzUmg2aGRKcG1UNjZUU29VbHpsODlYZEJ5QXVNMmEvTEhSUnpFT0VaUkJJSVgxc3E5ZnFNSXYyOGJaL3RZME5wY2g3ZkZOUklIcExXVTZMZGtlZWZjTitLVHBNdHlvV25jNEZWSEtpM1N5aEFzRXg0WWpIdkhVSEE4WnNZYlZtMFdUTDdYdWZ1SnB3QkQ2aDJaZjNxOE16Slo3SzBqU1N3bllLd0VvNjlBbFlvY2ZyNGQ1ZEsxRlhTZGJ5OWdZVGtuNm92UU11LzFKZmpHa1VuODNwbE5vY3FWak84UHJTQUMrcW1GYzNiNjhGN2NvTk90SDcwUT18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

404e4f726776c8a46185207c115a86efe16f2d5ca85804f785e1d50c64db932a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3714974
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=XRKKy3x0N0llVXNhOUlGOFpKZUdNVGxkWW12TVhGbktBRkN6WHFRbUV3c0J1MTZiei9mN1BDSHMzVXEzUmg2aGRKcG1UNjZUU29VbHpsODlYZEJ5QXVNMmEvTEhSUnpFT0VaUkJJSVgxc3E5ZnFNSXYyOGJaL3RZME5wY2g3ZkZOUklIcExXVTZMZGtlZWZjTitLVHBNdHlvV25jNEZWSEtpM1N5aEFzRXg0WWpIdkhVSEE4WnNZYlZtMFdUTDdYdWZ1SnB3QkQ2aDJaZjNxOE16Slo3SzBqU1N3bllLd0VvNjlBbFlvY2ZyNGQ1ZEsxRlhTZGJ5OWdZVGtuNm92UU11LzFKZmpHa1VuODNwbE5vY3FWak84UHJTQUMrcW1GYzNiNjhGN2NvTk90SDcwUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 713687
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1CE9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=i4L2snxyQnMzOTFGT2FhYkpNWS80a3RkM3NEZnY1ODgwckoxUGdUc25idmpNTzNweXNldEE1WFlmZWQ2MXJRWG1RQXVWRWdOUjNjRitPbDNoclpRNkV4ZVFSR1QrMW1SdlhlY1BkMDBWTUJVT01KVzdBRTVDd2VrQWFGdX...

449 B
658 B

93ms
33ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=i4L2snxyQnMzOTFGT2FhYkpNWS80a3RkM3NEZnY1ODgwckoxUGdUc25idmpNTzNweXNldEE1WFlmZWQ2MXJRWG1RQXVWRWdOUjNjRitPbDNoclpRNkV4ZVFSR1QrMW1SdlhlY1BkMDBWTUJVT01KVzdBRTVDd2VrQWFGdXdncnNoTEsxZWFocXltSGJTdUdiWFpNN1VXbGR6bmNweDdtTkdRYmhaekV3OHNmeVA2UkhLUCtrUk5oa1hTR2tlbGtHeUFhUTh6RFRCOXhrOGJwaUNBYWl0RXJFOFJhSXRYb2w2MFc1R3FXWXBHbWFQOHBxc0psVE95Tm91R2JwZ1NCWFhlWGJWUG9iaVk3VU1vWE5CNVRTY0RhWFBkdnFkRzQwWm1md2hGM0REMC9MMk91MD18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f89613498a52b70a80f9a6f876ad9d0d71fe5b1ede83ca52c2f0c08fa71a75da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6890318
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=i4L2snxyQnMzOTFGT2FhYkpNWS80a3RkM3NEZnY1ODgwckoxUGdUc25idmpNTzNweXNldEE1WFlmZWQ2MXJRWG1RQXVWRWdOUjNjRitPbDNoclpRNkV4ZVFSR1QrMW1SdlhlY1BkMDBWTUJVT01KVzdBRTVDd2VrQWFGdXdncnNoTEsxZWFocXltSGJTdUdiWFpNN1VXbGR6bmNweDdtTkdRYmhaekV3OHNmeVA2UkhLUCtrUk5oa1hTR2tlbGtHeUFhUTh6RFRCOXhrOGJwaUNBYWl0RXJFOFJhSXRYb2w2MFc1R3FXWXBHbWFQOHBxc0psVE95Tm91R2JwZ1NCWFhlWGJWUG9iaVk3VU1vWE5CNVRTY0RhWFBkdnFkRzQwWm1md2hGM0REMC9MMk91MD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 422722
content-length: 0
expires: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame CCEB 383 B
686 B 117ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31071250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d124f734f123591aefec637e2daa17db932469ab3009469109b15c35a9415dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame CCEB 107 B
792 B 216ms
43ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CCEB 107 B
549 B 114ms
42ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D91 75 KB
28 KB 582ms
466ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&lmt=1672326422&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326422221&bpp=11&bdt=272&idt=280&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=1326261119059&frm=23&ife=1&pv=2&ga_vid=1999424911.1672326420&ga_sid=1672326423&ga_hid=420027472&ga_fc=1&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=2913668735&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773809%2C44768832%2C31071250%2C44780792&oid=2&pvsid=60883554846238&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uqioabg75558&fsb=1&dtd=296

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b06980648ee7011ca5d3988309804aa1eb731109fd36596e8496409168a3022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27947
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 15:07:03 GMT
expires: Thu, 29 Dec 2022 15:07:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 6ED4 36 B
407 B 228ms
228ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

85d64ff83275d7e066020878cb285acda6cf7879653dc3b7cfe372eaef006078

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 600D 1 KB
1 KB 46ms
45ms Document
text/html 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1831
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 29 Dec 2022 14:38:15 GMT
etag: W/"583295c9-4dc"
expires: Thu, 05 Jan 2023 14:36:31 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id: 88_2LgkykkXx0rEVPHc7-AMdIXXcJcOFL0_-37QI3gYksx-h4xVfSw==
x-amz-cf-pop: VIE50-C2
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 5600
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1RBMjAyMjEyMjkyMzA3MDI1OTY4NzU%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENcki6qIMNUjhfJtUJ2HHI4&google_cver=1&google_ula=3918219,0

0
551 B

1171ms
227ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENcki6qIMNUjhfJtUJ2HHI4&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:03 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENcki6qIMNUjhfJtUJ2HHI4&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 753A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

111ms
32ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Dec 2022 15:07:02 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 29 Dec 2022 15:07:02 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame 5600 0
15 B 33ms
32ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1672326422642&cd[SBST]=17&cd[PuID]=reurl

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 15:07:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame 5600 35 B
413 B 424ms
103ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CTA20221229230702596875
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:03 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 8F1D 1 KB
1 KB 43ms
42ms Document
text/html 13.32.110.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-109.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1831
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 29 Dec 2022 14:38:15 GMT
etag: W/"583295c9-4dc"
expires: Thu, 05 Jan 2023 14:36:31 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id: 0p7QI2LzIQZtxUSNhjhUVo8cUqftOv8D4Oe1UqJ8k-U5uoq3pa_XDw==
x-amz-cf-pop: VIE50-C2
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame A3A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0pBMjAyMjEyMjkyMzA3MDI2NjQ3ODQ%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMag5qN6WtVCZ_yV0wrgzhs&google_cver=1&google_ula=3918219,0

0
551 B

1185ms
237ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMag5qN6WtVCZ_yV0wrgzhs&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:03 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMag5qN6WtVCZ_yV0wrgzhs&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C50C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

112ms
32ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Dec 2022 15:07:02 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 29 Dec 2022 15:07:02 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame A3A7 0
15 B 33ms
32ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1672326422687&cd[SBST]=17&cd[PuID]=reurl&cd[labelsource]=sp&ud[external_id]=ba5d352cfc1b2bb9012cc11428c43c0e3caa84e770570dfe748cb6629d6b2eb2

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 15:07:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame A3A7 35 B
413 B 410ms
103ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CJA20221229230702664784
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:03 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 84E3 2 KB
1 KB 283ms
282ms Script
text/html 52.196.193.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FqZ40Kn&n=275&o=1&d=1&b=2&ts=1&ii=2&FPCK=4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.193.254 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-193-254.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1a09169fedb1e9b2084fac12c7f3ec2dfd0d53abcf6093a63cc691500976c3b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 84E3 3 KB
3 KB 34ms
32ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 56
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: Z1oZEAz4YyOEyizcvq8Zb4oaUeVGykouziBKJ-kgVxRMnwdc-hlQLQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 84E3 121 KB
40 KB 38ms
36ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Dec 2022 15:07:02 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 84E3 2 KB
3 KB 34ms
33ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 56
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: IrsMybXTSA5QbXdHVu7uSGW8oCmoedJNug15xyaSrc4jVXO9_WNBAQ==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 84E3 4 KB
5 KB 35ms
34ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 40
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: lCi06rAlUHOV875MZiHmjvI7yeb6ReHPqFnKklh0dk3QfTv9dIiyZA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 84E3 3 KB
3 KB 35ms
34ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:06:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 56
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: nkWTz2oPOt9rPjuGw9aEKYtP-ZYh7HVvgQXXrwwkdb3nMRVNWCbBIg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 84E3 6 KB
7 KB 37ms
36ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1b32ac68941e60bacfe0ab1c5eab749868a0278495eaf50a17da2c95b8f3e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: OsKd1EEmixEwNImqE_Ez2qHyKZ95G9Ob
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 08:02:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 54
etag: "dfd6bf39aeff48b2d3414a18a5a4d36e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: P2Df0scCqYU9QBaQDEdEaGrL9TuItjrbKm6RcZPPVkc1u6ZW_oXyqg==

GET
H2 200 prebid_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 84E3 3 KB
4 KB 38ms
37ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/prebid_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 389b91144853a1a80fad740f12a1404d1643762544449957f4f3f83a0dae6407

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: FYGexi3MgMd3Tp0dXQOYmVyXAUdSSAgT
date: Thu, 29 Dec 2022 15:06:41 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Thu, 29 Dec 2022 03:00:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 27
etag: "7753ff9974b2c2ef1e17c8d4794535cf"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3396
x-amz-cf-id: iwjjDKR69kq7vinEC97Z1a8fBSzQw5m1HqTnJNoSpMfnDcsMCkvg6A==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 84E3 0
170 B 177ms
176ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Thu, 29 Dec 2022 15:07:02 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 84E3 0
50 B 230ms
228ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6495595531424583
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 84E3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw

2 B
19 B

284ms
284ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:03 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 84E3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw

2 B
19 B

285ms
285ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:03 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid.json Show response
prebid.cht.hinet.net/api/v1/request/ Frame 84E3 2 B
294 B 252ms
252ms XHR
application/json 203.75.213.62
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid.cht.hinet.net/api/v1/request/prebid.json

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/prebid_mainV3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.213.62 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx/1.21.1 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 29 Dec 2022 15:07:02 GMT
Strict-Transport-Security: max-age=0
Server: nginx/1.21.1
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 84E3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw

2 B
19 B

286ms
286ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Thu, 29 Dec 2022 15:07:03 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=tuOyO1fUA1CwGkS8Fq2tYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 84E3 177 B
426 B 47ms
47ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=25922957712

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

59181ea73f974d3e5bb731c6b26993a3500912a3febc5131e66f6d3999bd09f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 164

POST
H2 204 events
bidder.criteo.com/csm/ Frame 84E3 0
209 B 25ms
25ms Ping
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Dec 2022 15:07:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 753A 34 KB
10 KB 32ms
32ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b045d3f187912048870a1bad4ee888037b00a425ec117e5ae9c1575ede2c032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Dec 2022 22:49:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27722
Connection: keep-alive
Content-Length: 10066
Expires: Thu, 29 Dec 2022 22:49:04 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C50C 34 KB
10 KB 32ms
32ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b045d3f187912048870a1bad4ee888037b00a425ec117e5ae9c1575ede2c032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Dec 2022 22:49:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27722
Connection: keep-alive
Content-Length: 10066
Expires: Thu, 29 Dec 2022 22:49:04 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 753A 284 B
536 B 158ms
35ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C50C 284 B
536 B 149ms
33ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 84E3 5 KB
3 KB 227ms
226ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 29 Dec 2022 15:17:03 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 6ED4 0
194 B 234ms
234ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO&mp=4ef255ad-cf1a-49d5-907a-ec3b6da91e67

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
4ef255ad-cf1a-49d5-907a-ec3b6da91e67.t.ssp.hinet.net/ Frame 6ED4 0
79 B 1039ms
226ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4ef255ad-cf1a-49d5-907a-ec3b6da91e67.t.ssp.hinet.net/pixel?bd=4ef255ad-cf1a-49d5-907a-ec3b6da91e67&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 84E3 10 KB
10 KB 33ms
33ms Script
application/javascript 2600:9000:206f:f400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FqZ40Kn&n=275&o=1&d=1&b=2&ts=1&ii=2&FPCK=4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Dec 2022 15:07:01 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 12
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 5_DDcqTS2CqW7JzByrbGiACulT39D24-vKufik5DtgNroyBQ0grnNg==

GET
H2 200 css
fonts.googleapis.com/ Frame 1D91 8 KB
1 KB 183ms
57ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&lmt=1672326422&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326422221&bpp=11&bdt=272&idt=280&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=1326261119059&frm=23&ife=1&pv=2&ga_vid=1999424911.1672326420&ga_sid=1672326423&ga_hid=420027472&ga_fc=1&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=2913668735&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773809%2C44768832%2C31071250%2C44780792&oid=2&pvsid=60883554846238&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uqioabg75558&fsb=1&dtd=296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Dec 2022 15:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Dec 2022 14:36:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Dec 2022 15:07:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1D91 2 KB
818 B 114ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 11:30:59 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13606792699975662398/ Frame 1D91 3 KB
3 KB 134ms
74ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13606792699975662398/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d322d792b2ba71ffad3edb3d6aa45f835010de336118786f67fb96619ad227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 15:37:24 GMT
x-content-type-options: nosniff
age: 516579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3305
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 05:24:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Dec 2023 15:37:24 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3256940183835254774/ Frame 1D91 22 KB
22 KB 104ms
44ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3256940183835254774/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57ac745d7579527248477c81c2fba19a61b7f6e024ac12ba5002347b41e6254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 12:45:23 GMT
x-content-type-options: nosniff
age: 354100
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22464
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 13:25:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 25 Dec 2023 12:45:23 GMT

GET
DATA 200
OK truncated
/ Frame 1D91 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ff1c28a66f03badb7fe166d9663fe373a86ece548599bc9a3a4587a7a552a6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1D91 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1D91 23 KB
10 KB 76ms
33ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 11:30:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1D91 3 KB
1 KB 85ms
43ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 14:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 14:58:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1D91 18 KB
7 KB 79ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 11:30:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1D91 0
0 196ms
67ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRIsqtCKGv1TWBSEJA1U_QjWk_n_hAOAUSMROdAGLwq_ayzkqt4kFNJqfhBo2-AAtxIxF7HZrzfEANo6SxcNXs9oAzFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&lmt=1672326422&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326422221&bpp=11&bdt=272&idt=280&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=1326261119059&frm=23&ife=1&pv=2&ga_vid=1999424911.1672326420&ga_sid=1672326423&ga_hid=420027472&ga_fc=1&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=2913668735&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773809%2C44768832%2C31071250%2C44780792&oid=2&pvsid=60883554846238&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uqioabg75558&fsb=1&dtd=296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D91 153 KB
47 KB 199ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 15:07:03 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 1D91 34 KB
14 KB 187ms
59ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 09:05:50 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 84E3 36 B
400 B 228ms
228ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

85d64ff83275d7e066020878cb285acda6cf7879653dc3b7cfe372eaef006078

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 25A4 1 KB
643 B 32ms
32ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 11983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 11:47:20 GMT
etag: 48472445140208031
expires: Fri, 30 Dec 2022 11:47:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1D91 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dd824f4abdf23816168fe820e462bce815c27350a1f33650aa1b4154edbf544

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 25A4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDsJT-TVWQzIXDbf0g4JRLY&google_cver=1&google_push=AavPq0MON7pKkFJ5TYWlXggyuBviFZ7vDCmjy_tE8KrtbnoDFtL8CcEPrB4QirxAFWSmuE3_3B95ISZzAt_J4W11oonTaswTNfiq
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA5NzQzNDY5Mzg4ODE5MjU1OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDsJT-TVWQzIXDbf0g4JRLY&google_cver=1

43 B
398 B

69ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDsJT-TVWQzIXDbf0g4JRLY&google_cver=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDsJT-TVWQzIXDbf0g4JRLY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 25A4 0
173 B 116ms
30ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENcOacYgdVrGQnWJtAPIzVg&google_cver=1&google_push=AavPq0OcNmM9aUDCqR3Z9wMXtdSiQ1RjQJQr3AJzsLiB_QctuyQ3rtUP-7FBZ4_kpsNjJxbXQUspII0hbXkKM2p9vnW1gaxmND8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&lmt=1672326422&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326422221&bpp=11&bdt=272&idt=280&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=1326261119059&frm=23&ife=1&pv=2&ga_vid=1999424911.1672326420&ga_sid=1672326423&ga_hid=420027472&ga_fc=1&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=2913668735&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773809%2C44768832%2C31071250%2C44780792&oid=2&pvsid=60883554846238&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uqioabg75558&fsb=1&dtd=296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEvy4VsvJM0P_JFqEZHQYz0&google_cver=1&google_push=AavPq0Nk-0RKipE6Wp369fYQQ0rxaFsNi9ZR9f2J_S0AX0eCLHgI6ph_7GNR8BYjEyllyXUk0ovexxIySD6vwFdn2mhn...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEvy4VsvJM0P_JFqEZHQYz0&google_cver=1&google_push=AavPq0Nk-0RKipE6Wp369fYQQ0rxaFsNi9ZR9f2J_S0AX0eCLHgI6ph_7GNR8BYjEyllyXUk0ovexxIySD6vwF...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=b4b9ebb7-c814-4572-9c05-ba902f3553d6&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Nk-0RKipE6Wp369fYQQ0rxaFsNi9ZR9f2J_S0AX0eCLHgI6ph_7GNR8BYjEyllyXUk0ovexxIySD6vwFdn2mhnhlWvQHOo&google_hm=FxahWQvRSK62OXyxvqywjg==

170 B
188 B

69ms
69ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Nk-0RKipE6Wp369fYQQ0rxaFsNi9ZR9f2J_S0AX0eCLHgI6ph_7GNR8BYjEyllyXUk0ovexxIySD6vwFdn2mhnhlWvQHOo&google_hm=FxahWQvRSK62OXyxvqywjg==

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Nk-0RKipE6Wp369fYQQ0rxaFsNi9ZR9f2J_S0AX0eCLHgI6ph_7GNR8BYjEyllyXUk0ovexxIySD6vwFdn2mhnhlWvQHOo&google_hm=FxahWQvRSK62OXyxvqywjg==
date: Thu, 29 Dec 2022 15:07:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENBJPdT6nVzyN5JJeWU9Z1U&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENBJPdT6nVzyN5JJeWU9Z1U&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENBJPdT6nVzyN5JJeWU9Z1U&google_hm=Y62tFyZWJkbbBaIwt-m3xAAABGcAAAIB&google_nid=index&google_push=AavPq0PyXNbmVncvPGV6dgtCa9uoSvTNDZZiY...

170 B
188 B

70ms
70ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENBJPdT6nVzyN5JJeWU9Z1U&google_hm=Y62tFyZWJkbbBaIwt-m3xAAABGcAAAIB&google_nid=index&google_push=AavPq0PyXNbmVncvPGV6dgtCa9uoSvTNDZZiYYEICwUZncKg-LoqrRnO3rEVmYN8RJthwg0_wvjxpIrRF2A4teyyM8NoTV_IcvQ

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9iHG%2FByh%2FUf4SjxTggEZI%2BY4pgTTBXi%2FGfe2lplBfhwFVK2nOCxJEO4azGgbWZBS6CWIoUYmtW%2FozFfNs9uNCKRc3z7qq8nKKwJTNpBYzzqnOEyYR6SGaBTr%2Fc5YSkUZMGd7DPEd7d7cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENBJPdT6nVzyN5JJeWU9Z1U&google_hm=Y62tFyZWJkbbBaIwt-m3xAAABGcAAAIB&google_nid=index&google_push=AavPq0PyXNbmVncvPGV6dgtCa9uoSvTNDZZiYYEICwUZncKg-LoqrRnO3rEVmYN8RJthwg0_wvjxpIrRF2A4teyyM8NoTV_IcvQ
cache-control: no-cache
cf-ray: 78137172c9e3b936-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKtCUB54FhlezOkuPtekXa0&google_cver=1&google_push=AavPq0PiAdNzKlW_u9cWd0rC537pAYHYorCx9UQRNEGZNSDDXUnvJ3neUQHTlWeEsKm12eqnflK0_WiSU8yGDflZS...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKtCUB54FhlezOkuPtekXa0&google_cver=1&google_push=AavPq0PiAdNzKlW_u9cWd0rC537pAYHYorCx9UQRNEGZNSDDXUnvJ3neUQHTlWeEsKm12eqnflK0_WiSU8yGDflZS...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0PiAdNzKlW_u9cWd0rC537pAYHYorCx9UQRNEGZNSDDXUnvJ3neUQHTlWeEsKm12eqnflK0_WiSU8yGDflZSutXMFYdIgx1&google_hm=F5crqGZH9L9NMoy6SFSJKWXr

170 B
188 B

72ms
72ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0PiAdNzKlW_u9cWd0rC537pAYHYorCx9UQRNEGZNSDDXUnvJ3neUQHTlWeEsKm12eqnflK0_WiSU8yGDflZSutXMFYdIgx1&google_hm=F5crqGZH9L9NMoy6SFSJKWXr

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 29 Dec 2022 15:07:03 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0PiAdNzKlW_u9cWd0rC537pAYHYorCx9UQRNEGZNSDDXUnvJ3neUQHTlWeEsKm12eqnflK0_WiSU8yGDflZSutXMFYdIgx1&google_hm=F5crqGZH9L9NMoy6SFSJKWXr
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEBcR9lNFSGQK1-oZpESkq5Q&google_cver=1&google_push=AavPq0Pu1yxdnT3JlgdOwp7WWQhTkZK1x-BJX4cYQ6sD8P83kGSDk0iXual94NrV0jP465bkzV1OBvz2ZPgIeEslcwFbSO...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBcR9lNFSGQK1-oZpESkq5Q&google_cver=1&google_push=AavPq0Pu1yxdnT3JlgdOwp7WWQhTkZK1x-BJX4cYQ6sD8P83kGSDk0iXual94NrV0jP465bkzV1OBvz2ZPgIeEsl...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TjqLR8wvRHKT8t66HwI6Kg&google_push=AavPq0Pu1yxdnT3JlgdOwp7WWQhTkZK1x-BJX4cYQ6sD8P83kGSDk0iXual94NrV0jP465bkzV1OBvz2ZPgIeEs...

170 B
188 B

74ms
74ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TjqLR8wvRHKT8t66HwI6Kg&google_push=AavPq0Pu1yxdnT3JlgdOwp7WWQhTkZK1x-BJX4cYQ6sD8P83kGSDk0iXual94NrV0jP465bkzV1OBvz2ZPgIeEslcwFbSOULXeA

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TjqLR8wvRHKT8t66HwI6Kg&google_push=AavPq0Pu1yxdnT3JlgdOwp7WWQhTkZK1x-BJX4cYQ6sD8P83kGSDk0iXual94NrV0jP465bkzV1OBvz2ZPgIeEslcwFbSOULXeA
access-control-allow-origin: *
date: Thu, 29 Dec 2022 15:07:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMKC0cYx5zCcUrUfBsmhHfk&google_cver=1&google_push=AavPq0OZjI9qX5eiM...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMKC0cYx5zCcUrUfBsmhHfk%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTkwNjQ2OTA2Njg2NzU3MjY0Ng%3D%3D&google_gid=CAESEMKC0cYx5zCcUrUfBsmhHfk&google_cver=1&google_push=AavPq0OZjI9qX5eiM3BvdwPYEXsiINYWf8...

170 B
188 B

73ms
73ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTkwNjQ2OTA2Njg2NzU3MjY0Ng%3D%3D&google_gid=CAESEMKC0cYx5zCcUrUfBsmhHfk&google_cver=1&google_push=AavPq0OZjI9qX5eiM3BvdwPYEXsiINYWf83fKidiMnMmweupsoXIwsk3U-a1nOXmkyzWSoikMvIOCpfMjo0lWsT9p_fsuFxoD6jNPA

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 29 Dec 2022 15:07:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 646efa88-206f-49c2-97d1-b98063fb3557
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTkwNjQ2OTA2Njg2NzU3MjY0Ng%3D%3D&google_gid=CAESEMKC0cYx5zCcUrUfBsmhHfk&google_cver=1&google_push=AavPq0OZjI9qX5eiM3BvdwPYEXsiINYWf83fKidiMnMmweupsoXIwsk3U-a1nOXmkyzWSoikMvIOCpfMjo0lWsT9p_fsuFxoD6jNPA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 25A4 0
12 B 68ms
67ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kl1pjXH9TEJEJPTrIrKvwjMuB9nT_TGfXM9kQ6gSQgHGk03HPd3vDKw_zxiKlHPJGm-C6jXA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1D91 28 KB
28 KB 183ms
57ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 17:04:17 GMT
x-content-type-options: nosniff
age: 338566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 17:04:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CCEB 14 KB
11 KB 199ms
82ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8f7ca7b82b9f70e083e3bb54d99f1c6717b892e53be065dbc39dcfd5c657ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11051
x-xss-protection: 0

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 4559 36 KB
16 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 18:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 18:15:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CCEB 17 KB
6 KB 115ms
47ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 15:07:03 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame AA80
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

44 KB
45 KB

100ms
33ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H2
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45472
last-modified: Wed, 21 Dec 2022 06:26:38 GMT
server: cloudflare
etag: "63a2a71e-b1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCWysFgBqm%2FuYXwsjo0oX7%2FVmSgjK%2FWTP89FSrHoEP9TQDRMjztrZKBxPDaD4H%2BajTRY%2BnJH4Dd8B6nB4J%2BE%2FldrSagPrhZQdId6xTPk1yXpJh%2BZaikjxxBxo%2FD0ZjSIrPUDJPhuVbBWwDAFhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 781371779a35b766-AMS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF50 13 KB
5 KB 33ms
31ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 14:29:53 GMT
expires: Fri, 29 Dec 2023 14:29:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 74EE 783 B
534 B 106ms
40ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7d191bed623cc23f3f1f4eb79369273e70606529389079267923f7a85c2b7f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XXIMOT00bHujdLa_9eZJhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-XXIMOT00bHujdLa_9eZJhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 15:07:03 GMT
expires: Thu, 29 Dec 2022 15:07:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame AF50 36 KB
16 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 18:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 18:15:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 74EE 0
0 134ms
134ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=60883554846238&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AF50 0
10 B 31ms
31ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dUMoUg
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame AA80 975 B
820 B 67ms
39ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1233
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ9HTHJ95svQjnU%2Fcd2PRDD8nYGLNfIWwT%2FNYfhK%2BVALoFaeNyRNEfJmDE6BP5pMIm%2FQ2Mj%2Beeh7lqeCjerLC3nw2gID4%2FIAasFjzlZx1Ya6hzru5RVqtsWB%2F7hPEnYb8hSAd072ez2ibZGQRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 78137178296d0e18-AMS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame AA80 46 B
486 B 305ms
103ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: dcc1a07b4010220ed4ac6a2ee8fc69a56e3005dae98f0c26e09a8b52a2ceb1f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:04 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame AA80 552 B
1 KB 332ms
131ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FqZ40Kn&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9795537083319856&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ft. Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:04 GMT
x-width: 300
x-height: 250
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-sspid: 901ac3e7-a71e-37aa-ada1-3ee41fe0e9d5
x-adtype: html
connection: close
content-length: 552

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 75ms
25ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 29 Dec 2022 15:07:04 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 389542
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3493
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=-cf_dHx4R2Y0TCtJa3grV01JalFvQ0F2OCs0dDJZUFRTTlhwT1VGSnFTSnF1MXRQcTVlcm1VWi91QzltYUYvd2lTWWpQbE9wbWdrTlk5ZUhQUFplaTNHTi9HOGVoa1dObXlmRHNHcU5UQ01PS1ZreFFGb3ZOVE5vRHB1aG...

421 B
694 B

27ms
26ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-cf_dHx4R2Y0TCtJa3grV01JalFvQ0F2OCs0dDJZUFRTTlhwT1VGSnFTSnF1MXRQcTVlcm1VWi91QzltYUYvd2lTWWpQbE9wbWdrTlk5ZUhQUFplaTNHTi9HOGVoa1dObXlmRHNHcU5UQ01PS1ZreFFGb3ZOVE5vRHB1aGpBUVcrZjNMWHNVYmRxRHFzTkNFenROSVMyOHVXZVpaSERkdnJzWXFGUHpJU08vOXpUVWUzVGRPc0V2cWF0RTZuU2NxYjMzOTVya1l6YXZyRTR5VzlPenAwR2doSlkzMzF6ODQ3MzhNNlFrTnhsTnRZNVdCZXBTaVVFTzBUSHNjc2JNckJmS0VTUWRvTm1kUVViZXV5dnZTZ1NKZkxwMGhianFpWWVvQVNYSlVyUnYxQ1ROaz18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6e0b608f4a44800d834b76aca0a943bb48d85dc8a85584f0dd5baea8a5a62dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1180137
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=-cf_dHx4R2Y0TCtJa3grV01JalFvQ0F2OCs0dDJZUFRTTlhwT1VGSnFTSnF1MXRQcTVlcm1VWi91QzltYUYvd2lTWWpQbE9wbWdrTlk5ZUhQUFplaTNHTi9HOGVoa1dObXlmRHNHcU5UQ01PS1ZreFFGb3ZOVE5vRHB1aGpBUVcrZjNMWHNVYmRxRHFzTkNFenROSVMyOHVXZVpaSERkdnJzWXFGUHpJU08vOXpUVWUzVGRPc0V2cWF0RTZuU2NxYjMzOTVya1l6YXZyRTR5VzlPenAwR2doSlkzMzF6ODQ3MzhNNlFrTnhsTnRZNVdCZXBTaVVFTzBUSHNjc2JNckJmS0VTUWRvTm1kUVViZXV5dnZTZ1NKZkxwMGhianFpWWVvQVNYSlVyUnYxQ1ROaz18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 825288
content-length: 0
expires: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 3493 35 B
266 B 305ms
103ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:04 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cm
c.holmesmind.com/ Frame 3493 0
13 B 127ms
127ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:04 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 74ms
31ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 29 Dec 2022 15:07:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 4594800
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 443A
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=d1GxMHxPSXE0Z05nOVlOSEd6SFZZQVFyQlh0T3liejdJWmhDUGorQTNJeTc3WUt4TWtkMkljb0Y4ekxUdXY5S2hMMXF3djJibGVrOVk3NTFuRXU1ZC9qSTIvbngzYUluOWpIV1l0TzdhK3Y3M2w1eXFraUtrYlgyL3V3Qm...

426 B
698 B

28ms
27ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=d1GxMHxPSXE0Z05nOVlOSEd6SFZZQVFyQlh0T3liejdJWmhDUGorQTNJeTc3WUt4TWtkMkljb0Y4ekxUdXY5S2hMMXF3djJibGVrOVk3NTFuRXU1ZC9qSTIvbngzYUluOWpIV1l0TzdhK3Y3M2w1eXFraUtrYlgyL3V3QmVuanE2YkNIb2ViTUJTNDFSc20ybk9ObUN1dkdxdWdrQlhvaTRLZ3hoS29USWVpemhZVlY5YXNldkJsVjdsaFFUTkYvNWR0SmY3bXRpeC9DWURXNTlkSkpNMGlhN3l1VjNmc1dSV1NXUmtPNnVNdkl2ZGJPWU40QVp5WDh1SStRVWNkSzRmT0l6SFJ0SVdHRmJ3U1ppUFBRZ2ljc0g0V3FyWlgzN3hNc1c0UGhSK2w5VWV2az18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/qZ40Kn

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

374c2c567041b925eb2af81bab7b999323a0f5ac2f005803553249df65d4cdba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1756510
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=d1GxMHxPSXE0Z05nOVlOSEd6SFZZQVFyQlh0T3liejdJWmhDUGorQTNJeTc3WUt4TWtkMkljb0Y4ekxUdXY5S2hMMXF3djJibGVrOVk3NTFuRXU1ZC9qSTIvbngzYUluOWpIV1l0TzdhK3Y3M2w1eXFraUtrYlgyL3V3QmVuanE2YkNIb2ViTUJTNDFSc20ybk9ObUN1dkdxdWdrQlhvaTRLZ3hoS29USWVpemhZVlY5YXNldkJsVjdsaFFUTkYvNWR0SmY3bXRpeC9DWURXNTlkSkpNMGlhN3l1VjNmc1dSV1NXUmtPNnVNdkl2ZGJPWU40QVp5WDh1SStRVWNkSzRmT0l6SFJ0SVdHRmJ3U1ppUFBRZ2ljc0g0V3FyWlgzN3hNc1c0UGhSK2w5VWV2az18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 686689
content-length: 0
expires: 0

GET
H3 200 cm
c.holmesmind.com/ Frame 443A 0
13 B 141ms
140ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:04 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 443A 35 B
266 B 306ms
104ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:04 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D91 42 B
64 B 146ms
146ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb3260l3_tmIi8nPV_4N8ae7R-cGokAx3dbBRCLU-aKLKc8W4EVucQpoNYTl9OGDbt9Qgdbs2mfV8JFFFNJc2435rqp0Z3He6YsS4L3-0atX9eIovzPo-IP4LPRlL5svpjgpmUlw&sai=AMfl-YQAnvLgq3hiT93Rk23QUVh5-BvfMaOTp342gVBEaxh7y74HTRJja1BnEDRmC-A48E__tymhRPRHyNfmtoPKUF4NHomEpQz-Xkd-Mg&sig=Cg0ArKJSzCY8zUfGAoSGEAE&cid=CAQSKQDq26N9Jp7cqFVVXvka2UkTFHu1snRGiu0xg5euhcpIazf-GQFgs_-xGAEgEw&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2180255949&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672326422518&rpt=936&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CCEB 0
0 140ms
139ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=60883554846238&bg=!XV6lXhrNAAYgquz3AKo7ACkAdvg8Wi4Xn1LJ6eLds1j0qyd9NAxILbEAdVYaul8DQjdzjrLhR3y-tgIAAABJUgAAAANoAQcKABSFFwiB5pskGr083of4qOrqdTkFLpkC-VySLSiFJqSvIvztyA71xJydsOvmhgA_7af4CJlkrgBCPjNQb_t-V06Vwx4HZXYZszlTArJaoLhqFMGw2mDbg8kRemwFpL8sgeN8Q5KwvUUpEn2VGVZ_K7-o1NrbydGFc686fBSNMSIPdiGfjaTysVh36j56aAzueO_9Jfx7zov5o_9hNZhkf6YPJ-1YdE0s8YKkwp0MzMjOxOlUs6n1ihUkK3KjboXY-a3J8JN-OXWYzk6PO0YEI_MDuq7XWOWhzzzXyym5pzJqmea77Rt-GHqb-ZqVU_njcTT95MWObTMn_flTSiD3Y-lKgHKn6zk3PFnKXMS0u3w0UOY643Bd9haZnPm6RuCbW3DE0FrJTcA9PkS5HooTds5iPu4GN0GQgvPzN8UCibhHVqNh4UlC8OOrV7iig4qdMQf56a02hwLXCQBLak926weHBLHiWrn62bxu_PA8-06QrRAuWHSIS89uL4PWv56FTwHJcTVDqyBM3Jxr1Nx1QuVUXV61KJxQpi73K6RUz5bXqS_y0XX_W2fshQQQy18KBuXDdhTQFqwq78N_W3c0cHTO_ete0QoTlsgIjWD41RqiedaXrOpAkpacPszTHNb_6FjLU1jktvz0wi49Dlvd2vjej7pGCQlVPX5ZsrPvIDp2karJYR__HgCicVEVI4VOBBRqFA7bxwyrT4oftPWo37QDVdaKis3N-tAK4HVPcJtORdy9x04lwEDvP6bRWRLjr3FlTxh1RYk9CMXQr2olrfjC0vG_AkCWDYT6yJeczKcO0mzNDGhSwgCIQqz6ZDwXhvsfdfqXn4lNls8gC0-sGVZxmddrA_WWK9xZQFisaatCCjKKOgYcs1SSqgFe-3dJrcpNwwKUMM9ukrrRwRUonnSKAWAdi1qaPI5kImlxx-k6o0-1CUY3xt9UGUFF6KJhiSQmUYTeaRxKCZU9E0-s8qs2dg32rvCJqlAEduISw9XR_czh8o3GcuTzf7ue8_crb18ni6mNTGMZfL1hI8XjKtzu
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 83ms
33ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 29 Dec 2022 15:07:04 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 365518
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 72ms
28ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 29 Dec 2022 15:07:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 482371
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 4E9B 714 B
777 B 34ms
34ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
age: 1703
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 78137179ec740e18-AMS
content-encoding: br
content-type: text/html
date: Thu, 29 Dec 2022 15:07:04 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTuzeSE0CndPKpRtoMNdDjgzU98SudonvLOHMlBQEkqNLAfsiIw0mTRmC%2BR8c9%2Bpoldu4qUvMn2ZPpy1xFzdvzxSuDHRgqGCyjgTTvi4JGJ3X2z5lCGrVnLEQenP%2F%2BSoaTB1o%2FR2sJEzURJP8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame AA80 35 B
384 B 305ms
102ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 15:07:04 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4E9B 81 KB
28 KB 209ms
94ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba04d9149fd9414e3530b5134190c2e8f16bca99be4ba3ffe171d2ebf0648baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1435 / 568 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Dec 2022 15:07:04 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7DBC 99 KB
33 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85af9b5533607d8501e13ab56f5e21717f9c9dcb23a954a2c0a4f4df0dbadc07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34210
x-xss-protection: 0
server: cafe
etag: 1453895729559529455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 15:07:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ Frame 7DBC 355 KB
117 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31071277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6226ea3189eb0559a3567bdf9a4b57f4dacebeddabbcc452eb43350e70cd318a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119726
x-xss-protection: 0
server: cafe
etag: 15204428895887304476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 15:07:04 GMT

GET
H3 200 pubads_impl_2022120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4E9B 381 KB
129 KB 141ms
47ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 11:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Dec 2023 11:47:32 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7DBC 12 B
53 B 195ms
71ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31071277

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 7DBC 107 B
122 B 163ms
69ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7DBC 107 B
122 B 111ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1149 71 KB
27 KB 511ms
408ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07e5bab83f22081319638fb9244d5ec74c1eda75a6ed984e73101b0f4b37137d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 27214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 15:07:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 4E9B 107 B
122 B 68ms
67ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4E9B 107 B
122 B 41ms
41ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4E9B 492 B
263 B 117ms
116ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4319023506121319&correlator=4363519503829062&eid=31070872%2C31071256&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1672326425199&lmt=1644386353&dlt=1672326424649&idt=527&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=d0zypidqc32e&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=781836999.1672326425&ga_sid=1672326425&ga_hid=1272867845&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d55237f052f3a0d721d13d560fef05a73e255af6ec27b8d7a69193120de9bbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a5c41a1a4d13c25ad37323867579fa52.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 998E 6 KB
3 KB 351ms
79ms Document
text/html 2a00:1450:400d:807::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://a5c41a1a4d13c25ad37323867579fa52.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 15:07:05 GMT
expires: Fri, 29 Dec 2023 15:07:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 85ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=2oebu0&_p=1369788673&cid=1999424911.1672326420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1672326420&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FqZ40Kn&dt=Home&en=scroll&epn.percent_scrolled=90&_et=14
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1149 6 KB
672 B 162ms
41ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Dec 2022 14:54:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Dec 2022 15:07:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1149 2 KB
765 B 33ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 11:30:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1149 23 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 11:30:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1149 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 14:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 14:58:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1149 18 KB
7 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 11:30:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1149 0
0 41ms
39ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGGCWNfdQkrRJf4bfAzP1Nl_xLgbXNoQ6ZQQFPWQwlKACB_6AazaRSs8jxWTZB7aC_k8FrEqvNRbitK_1ithNYChA64g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1149 0
0

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 1149 34 KB
14 KB 158ms
35ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 09:05:50 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/5386650050588434465/ Frame 1149 26 KB
26 KB 35ms
34ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5386650050588434465/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a838b263df97f506af232263564c469eb7c0bf79ace476d169e13389bfbcf7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 14:31:29 GMT
x-content-type-options: nosniff
age: 2136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27050
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 12:07:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Dec 2023 14:31:29 GMT

GET
DATA 200
OK truncated
/ Frame 1149 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 751cfc16e569a67f18a9869662a4684cb591aeb36733cd22ea161a8fe3f5c5dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E9B 14 KB
11 KB 81ms
81ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ce60ae495908c64dd6e421b3df90fb00b9f721e852adf644ec512abb3475a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11116
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3DDE 1 KB
643 B 33ms
33ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 11985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 11:47:20 GMT
etag: 48472445140208031
expires: Fri, 30 Dec 2022 11:47:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1149 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e999f9b37bb91bcaa28726529cb8f3fa5995c80cc994ca19d7845a74e464bb75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3DDE 35 B
463 B 112ms
33ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGzb1jx6jNOClTnFLBQBjFk&google_cver=1&google_push=AavPq0MMY-xq8bJDa8PpJ60a_6RcO9VnlwYxLc1FKVcHyFk4cFHfClN9Q0Z1hV7GKzgy_0N8HFiHNAgZaDvtHBGo8NqHnLDXb5_l

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3DDE 70 B
265 B 138ms
44ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJph-m7mx1vH6m8tW0TleTw&google_cver=1&google_push=AavPq0NF5mPgBqQWOnGi99gjMYnt77s2xW7aNm9VCtP8WWSuVAUbkS45qaJdUU5swCLVY6hKksxQGE7x73J9GUkjCDQro2Oqf0xx
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Dec 2022 15:07:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DDE
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENcOacYgdVrGQnWJtAPIzVg&google_cver=1&google_push=AavPq0PrZIRhtxMcmfNasMCKqEeD6P0eF1AH_rY7cv-Rf-gYSMmXqEEiwZPEphO6104vuesInARZTwyP8Spgfg...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0PrZIRhtxMcmfNasMCKqEeD6P0eF1AH_rY7cv-Rf-gYSMmXqEEiwZPEphO6104vuesInARZTwyP8SpgfglXUJa-8eE6dYtL&google_hm=hmOtrRcqSx8fOrzRn...

170 B
188 B

72ms
72ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0PrZIRhtxMcmfNasMCKqEeD6P0eF1AH_rY7cv-Rf-gYSMmXqEEiwZPEphO6104vuesInARZTwyP8SpgfglXUJa-8eE6dYtL&google_hm=hmOtrRcqSx8fOrzRnw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63ADAD172A4B1F1F3ABCD19FBLIS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0PrZIRhtxMcmfNasMCKqEeD6P0eF1AH_rY7cv-Rf-gYSMmXqEEiwZPEphO6104vuesInARZTwyP8SpgfglXUJa-8eE6dYtL&google_hm=hmOtrRcqSx8fOrzRnw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63ADAD172A4B1F1F3ABCD19FBLIS
date: Thu, 29 Dec 2022 15:07:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DDE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEINH13g2Fk0Wo8BW4QoLgXs&google_cver=1&google_push=AavPq0OBGMoST022brC2mbwcxTXt9PxEPKgMKDCKHkIW92ywBDTVgH3ivTPCSX6WKckOyiIWfB0BAfs6W9jYdk3-x_CLuZk...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OBGMoST022brC2mbwcxTXt9PxEPKgMKDCKHkIW92ywBDTVgH3ivTPCSX6WKckOyiIWfB0BAfs6W9jYdk3-x_CLuZkVfVQ&google_hm=eS13UXRrU1FKRTJwSFAuSzQ...

170 B
188 B

71ms
71ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OBGMoST022brC2mbwcxTXt9PxEPKgMKDCKHkIW92ywBDTVgH3ivTPCSX6WKckOyiIWfB0BAfs6W9jYdk3-x_CLuZkVfVQ&google_hm=eS13UXRrU1FKRTJwSFAuSzQ4ZGRscmQ4cEhMWnNlY0hlVH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 15:07:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Dec 2022 15:07:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OBGMoST022brC2mbwcxTXt9PxEPKgMKDCKHkIW92ywBDTVgH3ivTPCSX6WKckOyiIWfB0BAfs6W9jYdk3-x_CLuZkVfVQ&google_hm=eS13UXRrU1FKRTJwSFAuSzQ4ZGRscmQ4cEhMWnNlY0hlVH5B
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3DDE 0
12 B 71ms
70ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhPRuDxpdgOSuwEPRxlo1K4BgnuWe-LZzaRqrBbT8tcvzkbJDd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2648653007&pi=t.ma~as.2784%2F13801&w=300&lmt=1672326424&url=https%3A%2F%2Freurl.cc%2FqZ40Kn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672326424768&bpp=12&bdt=463&idt=205&shv=r20221207&mjsv=m202212080101&ptt=5&saldr=sa&cookie=ID%3D956afb26acd50ecc-222a26cc6eda009a%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng&gpic=UID%3D00000b99a2005972%3AT%3D1672326422%3ART%3D1672326422%3AS%3DALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A&correlator=1326261119059&frm=23&ife=1&pv=1&ga_vid=1999424911.1672326420&ga_sid=1672326425&ga_hid=561235373&ga_fc=1&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=671361513&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071277%2C44780792&oid=2&pvsid=3853356421769777&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.173jsu6rlxjc&fsb=1&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E9B 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 15:07:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C15E 13 KB
5 KB 33ms
32ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 14:29:53 GMT
expires: Fri, 29 Dec 2023 14:29:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA23 783 B
535 B 47ms
45ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a88ec49a2ad935012ec9aecffe0ceb0f6a5b325de0f23d52f997231cba3e5a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EtDlkrOPhweZ31JBzMMT9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-EtDlkrOPhweZ31JBzMMT9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 15:07:05 GMT
expires: Thu, 29 Dec 2022 15:07:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame C15E 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 18:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 18:15:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA23 0
0 134ms
133ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=4319023506121319&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C15E 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u7GBIw
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:07:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E9B 0
0 142ms
141ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=4319023506121319&bg=!-fql-r7NAAYgquz3AKo7ACkAdvg8WlJeXjxxkQfXhmtCg2dh2XuIZ3yP8ax6IlQ_g3Pf-L_1xfppJAIAAABhUgAAAARoAQeZAzdMDkvO03FOg_kmasYiFKEBqTpT70jOGXUpiwHVTXiV6Ym3TURS-N2xTcKIuFQD-6fx2v_JtN9kgz0-LB1Lk2uW86jDpXHcmYwSeV0PiymHGR4l2qekNX6X8fkdDHpvamzq6zbJxPC3yMNHMQi6fdQlvxhDQXKlONhaDNGCS2RP5Yqtda-0OrSWxHdRBGZ1w_JCvqy49LY7C-Dunl0W5mNZj9B2D1eM_AuI1wiArFH8vn4ivIi8q7UMkijj7kJADZ2dGsKFtA5fZeun80CoDMCNCwcJnLP_f7QxYFK5cpbPPM-M1H8xbcfMQV5d65sLV4wLMuYEWPfFMXH-HFRAArKoKR1vAzCZDFVo04vEAgCtOCUh72xSv21mfOnF2BEDqTrMfBNsmZmtC3ktn9MsAiT29B8lPlai_5Hds9FVWqmP_-FGWVjSO1FUX5KtiKfjzpfmakzBTgZGM-wBRdCJOUYQoEVh7hYnBNTlMa30RcR3NDNGnHZ1hxlJDtehMiMMyEZODqAIBe6pt5_P1K1iXmI_Y7vwKfnsyNvVvnthtLa3yaeOXvfky2ZL3YZ-D1yGfftNqS4QNDQg7vEaU0e6rrra875Zd7yIUcrfVo7aT0jrOtVwIeTLlCjQQKgwoX4vabjfBScsAlB8_voeRbo6BrXon-LyPoAKn4lIi1Ayxv9ztpsc0PazH0YGO4nfcpUM6WQxMstBEHqOtPeKh4nE58ZIVuPvsS0HThaEc_zY6RgWa0iEmYbHUVIux2p9havGsTm_oaftUQj4dlSjpQsUWzIP4oD1XXLDUm_EE7JYXN9Ghe8ZjanMuP-iFkc5NFawEQl1VVkgBplW5NzP_l72TG0uQ8bTQUQuREaBP_lUit-0926DmktQVhL0LC8gxZbRpVLM_vK5QVNGxasf8Uer3x7H5BO4o87BxJQCNF7MIQIljI_9F8KwBBltLrnlMetStGyL76kDOoENQDxVn1f9MWB64STqyh6gzR-gltXc1F71_EdCl70DpyjVYr3IPSJLPqCnpBVed0ROzeuUBfqm0FZfBSqsvMPe6Aaf2An3SdaGnGpeWtJRF6ez1yIZadkQkeF8R5aa5Uwp
Requested by: Host: reurl.cc
URL: https://reurl.cc/qZ40Kn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5ZKdwnU14E9kbxS0oG3S0H8-0KU3mwkE5G0zE5W0HUvw4Jwp8Gdw46wbS1bwzwqo2Yw&__csr=&__req=2&__hs=19355.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1006773139&__s=%3A%3A1v4il9&__hsi=7182587282311382324&__comet_req=0&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ya.mba/	1969-12-31 23:59:59	Name: _csrf Value: ET9jVbfcrNtaPZeDljWQivHI
.reurl.cc/	1970-01-20 10:41:42	Name: _fbp Value: fb.1.1672326420217.1473722305
.reurl.cc/	1970-01-20 18:08:06	Name: _ga_N394QBRGC0 Value: GS1.1.1672326420.1.0.1672326420.0.0.0
.reurl.cc/	1970-01-20 18:08:06	Name: _ga Value: GA1.1.1999424911.1672326420
reurl.cc/	1970-01-20 09:15:18	Name: CFFPCKUUID Value: 4330-miw3nKpsMAgVM7pzHomV2J6IiR1F9EVW
.reurl.cc/	1970-01-20 09:15:18	Name: CFFPCKUUIDMAIN Value: 5540-abc9mAzY8Rbgg4LCSMfJE95SGYtUcRr1
.holmesmind.com/	1970-01-20 18:08:06	Name: P Value: 937034-Unb0oh93L7EQLdTpPuoA9mZ0MIYHt8PO
.holmesmind.com/	1970-01-20 08:53:13	Name: Vision Value: 20221229-23:59,20221230-02,20221230-02,20221229-23:59
.holmesmind.com/	1970-01-20 08:53:13	Name: C Value: null
.holmesmind.com/	1970-01-20 10:57:04	Name: RK Value: null
.prnasia.com/	1970-01-20 08:32:08	Name: __cf_bm Value: wc0XZl..SZAnXg0oG_V9tK9qrONZY3gGSQL.jf_uT6Y-1672326420-0-Af3/TCFiiyTrzut1H7aKsoLNKkgIB2CUaLaC0N6ryr6xiAXLKU2GqkqWr8y72vzb0IpVpgSga9/hEQXtNMGLVNg=
.reurl.cc/	1970-01-20 08:32:10	Name: _ht_em Value: 1
.hinet.net/	1970-01-20 18:08:06	Name: uuid Value: 4ef255ad-cf1a-49d5-907a-ec3b6da91e67
.reurl.cc/	1970-01-20 08:33:32	Name: _ht_a546ca Value: 1
.reurl.cc/	1970-01-20 08:33:32	Name: _ht_50ef57 Value: 1
.c.appier.net/	1970-01-20 17:17:42	Name: _auid Value: tuOyO1fUA1CwGkS8Fq2tYw
.criteo.com/	1970-01-20 17:53:42	Name: uid Value: b69eb876-3703-4cb3-8b4d-809dd9abca17
.scupio.com/	1970-01-20 08:42:11	Name: fxc Value: 1
.reurl.cc/	1970-01-20 17:53:42	Name: __gads Value: ID=956afb26acd50ecc-222a26cc6eda009a:T=1672326422:RT=1672326422:S=ALNI_MbvqunRxbTqqiSdbVeT7Yo416Mfng
.reurl.cc/	1970-01-20 17:53:42	Name: __gpi Value: UID=00000b99a2005972:T=1672326422:RT=1672326422:S=ALNI_Ma11g0YI01SIT6M2qrI_NOq6umI9A
.scupio.com/	1970-01-20 17:17:42	Name: OrgKeyValue Value: CJA20221229230702664784
.scupio.com/	1970-01-20 17:17:42	Name: gx Value: H4sIAJYdrmMA%2fxNmYGDg4uY48u7rz%2b53W6wFWIVYOOwFmABE8xTAFwAAAA%3d%3d
.holmesmind.com/	1970-01-20 08:53:13	Name: R Value: null
.holmesmind.com/	1970-01-20 10:57:04	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 18:08:06	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.aralego.com/	1970-01-20 17:17:42	Name: gdpr Value: 1
.aralego.com/	1970-01-20 17:17:42	Name: sspid Value: 901ac3e7-a71e-37aa-ada1-3ee41fe0e9d5
.doubleclick.net/	1970-01-20 17:53:42	Name: IDE Value: AHWqTUkly-XBA03xN5JiJ7mSQEzKU8txCK-5v0HllJqehM3LOMe7U15KAyoAP9IY5Q4
.reurl.cc/	1970-01-20 08:33:32	Name: _ht_hi Value: 1
.adnxs.com/	1970-01-20 10:41:42	Name: uuid2 Value: 1906469066867572646
.turn.com/	1970-01-20 12:51:18	Name: uid Value: 7097434693888192559
.lijit.com/	1970-01-20 17:17:42	Name: ljt_reader Value: F5crqGZH9L9NMoy6SFSJKWXr
.360yield.com/	1970-01-20 10:41:42	Name: tuuid Value: 4e3a8b47-cc2f-4472-93f2-deba1f023a2a
.360yield.com/	1970-01-20 10:41:42	Name: tuuid_lu Value: 1672326423
.blismedia.com/	1970-01-20 17:17:46	Name: b Value: 63ADAD172A4B1F1F3ABCD19FBLIS
.bidswitch.net/	1970-01-20 17:17:42	Name: tuuid Value: 1716a159-0bd1-48ae-b639-7cb1beacb08e
.bidswitch.net/	1970-01-20 17:17:42	Name: c Value: 1672326423
.bidswitch.net/	1970-01-20 17:17:42	Name: tuuid_lu Value: 1672326423
.casalemedia.com/	1970-01-20 17:17:42	Name: CMID Value: Y62tFyZWJkbbBaIwt.m3xAAA
.casalemedia.com/	1970-01-20 10:41:42	Name: CMPS Value: 1127
.casalemedia.com/	1970-01-20 10:41:42	Name: CMPRO Value: 1127
.reurl.cc/	1970-01-20 17:17:42	Name: __htid Value: 4ef255ad-cf1a-49d5-907a-ec3b6da91e67
.casalemedia.com/	1970-01-20 10:41:42	Name: CMTS Value: 3372
ads.avct.cloud/	1970-01-20 17:17:42	Name: uuid Value: b4b9ebb7-c814-4572-9c05-ba902f3553d6
.scupio.com/	1970-01-20 08:42:11	Name: gxc Value: 1
.aralego.com/	1970-01-20 17:17:42	Name: euconsent-v2 Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4ef255ad-cf1a-49d5-907a-ec3b6da91e67.t.ssp.hinet.net
77782381-65c7-46c9-99c3-0831e89b8f3b.t.ssp.hinet.net
a5c41a1a4d13c25ad37323867579fa52.safeframe.googlesyndication.com
ad.holmesmind.com
ad.sitemaji.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.avct.cloud
adservice.google.com
adservice.google.nl
ajax.googleapis.com
ap.lijit.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creditcards.com.tw
eus.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
match.360yield.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.cht.hinet.net
prebid.scupio.com
r.turn.com
rec.scupio.com
region1.google-analytics.com
reurl.cc
scontent.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
storage.re-news.tw
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
x.bidswitch.net
ya.mba
www.facebook.com
www.googletagservices.com
103.132.192.30
104.18.33.19
13.32.110.109
142.250.201.194
162.210.196.208
172.105.203.31
178.250.2.146
185.89.210.141
188.114.97.12
192.0.77.2
192.0.78.236
192.0.78.244
192.96.203.13
2.19.35.65
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
203.75.213.62
203.75.214.136
210.59.219.175
210.59.219.180
210.59.219.181
23.37.42.132
2600:9000:2057:8c00:3:1794:2540:93a1
2600:9000:206f:f400:0:e06c:e940:93a1
2606:4700:20::681a:567
2606:4700::6810:5514
2606:4700::6810:fc04
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:809::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400d:802::2002
2a00:1450:400d:802::2008
2a00:1450:400d:807::2001
2a00:1450:400d:80d::2002
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:4379:fd12:b154:f230
2a06:98c1:3120::c
2a06:98c1:3121::9
3.76.140.5
34.102.176.152
34.95.67.231
34.96.105.8
34.96.119.68
35.158.31.44
35.185.130.121
35.186.215.140
35.197.227.153
35.201.76.93
35.227.249.156
35.244.196.223
52.196.193.254
52.223.40.198
54.229.65.185
69.173.144.138
72.251.249.13
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
06b4fcf0c85b5bdedb3840a5697e089f15dfaf17a6b9b366ba8331f9ea54e4d4
07e5bab83f22081319638fb9244d5ec74c1eda75a6ed984e73101b0f4b37137d
08bd4dabba430e39f74aa9770bfafa097db6326d0d5593e841d7f2d4a801dad2
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
0ff1c28a66f03badb7fe166d9663fe373a86ece548599bc9a3a4587a7a552a6b
1021a963cfc952ef8008a6fe86bd144cb8386a5c96e20002cf9539fa51ced0bb
18bde83594a1ac0625022ccd5b99af4d2b17f989aef1ede4016a1349af84b992
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a09169fedb1e9b2084fac12c7f3ec2dfd0d53abcf6093a63cc691500976c3b3
1b5b366aef37ff6657c0221ad14c1be77ec87c03fe1a1afa541c2093e05ccfbf
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d33e7a8a23c1fc4d5387ac8f94f3d23f32150ea835e6b782d5c49c504e9d2be
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
26bebb3041ca9f054a20a3622385eaf9f8aa7a61b2fac7026111c9ebced41848
275a99b4824087581bc2e38dde8d940b6617b0cde76ac6b304999602fceb810b
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2cd3dd86a10bed2c8cbfd3ddf70c234670f352fb4490599b152385509a1da420
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
341a2ff921508a96f44c4dd3b43440a85959be50a757c6863408ef81c18e65b9
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
374c2c567041b925eb2af81bab7b999323a0f5ac2f005803553249df65d4cdba
389b91144853a1a80fad740f12a1404d1643762544449957f4f3f83a0dae6407
3a88ec49a2ad935012ec9aecffe0ceb0f6a5b325de0f23d52f997231cba3e5a3
3b4403121cd7f1e22c72999fb10c655254a89ca81febd0ced8a9c42b054bd8e8
3e50f293387564c263be501922cbc3241720dd251b9dd876bcbd10f9c27b6189
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404e4f726776c8a46185207c115a86efe16f2d5ca85804f785e1d50c64db932a
42319f941cd9da4e2937e856dbb573f3fa9fb05e6784a5fb3761f7b8c91ac724
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a838b263df97f506af232263564c469eb7c0bf79ace476d169e13389bfbcf7e
4b06980648ee7011ca5d3988309804aa1eb731109fd36596e8496409168a3022
4c3f492cf836384f71365a96245f91f1f759eccc55459fd0cd27e553610f9ff4
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f98bd391d1736604bafabfc9b690637ad69aedeb6a9ce62f2138d40c43b68
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
5394648ec6d57a0077c7c0b8fa3bb894a86d224088c201c433a21bc58fd079f9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
571da35bdddda7ec4fccd594181c04e2c5db4285be67907abea45daad789ebf7
59181ea73f974d3e5bb731c6b26993a3500912a3febc5131e66f6d3999bd09f6
5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
5f901005b7498892afa018a6777f8df63bb4bb67a7658abc3f78bb8f6941841d
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60b60e33276403903eb7698874db345fd8b8cc458137803ea5a992ee1b76e47a
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226ea3189eb0559a3567bdf9a4b57f4dacebeddabbcc452eb43350e70cd318a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6adeab38deea553cfa8b1475105f346f34f7377789ebf2735c19702689f19d97
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6dd824f4abdf23816168fe820e462bce815c27350a1f33650aa1b4154edbf544
7083ce4852a7799cf8b96dbb510285ae1648f7e18eef47437035924a16a13f49
70b009957abf3e7b797880a0a62477205041b07ccbf05cf69f2ecb049234a030
71c7f4b1cffa2a198205040fe1a997c5a89aea0a9be0cb2bf247c4a0759b9b58
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
751cfc16e569a67f18a9869662a4684cb591aeb36733cd22ea161a8fe3f5c5dd
767ef04ea9ffdd0bc81756d2738945cf14dca7fdf7164879731b2e925159ffe0
7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e
7a2db02963f2f12d0dd92de006ce4f55c77ab91d0d1296edf60beb58e56747d8
7b045d3f187912048870a1bad4ee888037b00a425ec117e5ae9c1575ede2c032
7bfaad9ea52eb81c6c2d16774a2800c33a170e8790f449f04e14630bf5796960
7ce60ae495908c64dd6e421b3df90fb00b9f721e852adf644ec512abb3475a7a
7d1b32ac68941e60bacfe0ab1c5eab749868a0278495eaf50a17da2c95b8f3e1
7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
85af9b5533607d8501e13ab56f5e21717f9c9dcb23a954a2c0a4f4df0dbadc07
85d64ff83275d7e066020878cb285acda6cf7879653dc3b7cfe372eaef006078
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86f50126ec8550b0e0fee6731eee0dac01dcf47ee6fb41f15fbe50a73481e6a7
872fbc4a5df7cc6d142c84b3a5d728119b40b7b35806388adc51c0c565dfc682
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8ba002cdd5d6c9f704cfa76d774e7d2d50c4e7b9ec1d7247ad11268e91025e85
8c072638766e19e619b658fbbe0ff10a96fa3ad2a26994a318d16f67a2b8a5a2
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f6a6fda1fdc0a8a8ba1494660498fd978611bf1046409dd648cb7829716f5b5
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
945d55b8a31854bc8a79f65f29ed73240196ee90a5ef309d4768be02d885bcd0
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
97e2c43cec6a899062fa577fa6ea91618ffdcd2d3d335ad82568fc5357ecee31
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e0a8cc50507728bb58d0e6646b1562cb5e90647ccb172b28802c656c4af1d13
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57ac745d7579527248477c81c2fba19a61b7f6e024ac12ba5002347b41e6254
a59554af95924e6774c0cfdccece993bbb0c88ef337d4d035ea4b5f6ff40af75
a7d191bed623cc23f3f1f4eb79369273e70606529389079267923f7a85c2b7f0
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8f7ca7b82b9f70e083e3bb54d99f1c6717b892e53be065dbc39dcfd5c657ad9
a905fe71579087be2b4d01b456e84d2a73ed93828fa61fad27988e735c5d9f15
b6e0b608f4a44800d834b76aca0a943bb48d85dc8a85584f0dd5baea8a5a62dd
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
b855519c41df12dd59dbb1cdcc7fc09a2cc55a4e4737ca510cd38fb8dffc43ca
ba04d9149fd9414e3530b5134190c2e8f16bca99be4ba3ffe171d2ebf0648baa
bb7f6e1486453d58409d542e4822f5d950eea4a9465ba9fead09fcb2c8ebdae3
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c14bf9e053b0b1a11a226f181bd3e533edf602b1a07199a51d6bd19bfdc6326a
c35a02e424f2c1e7cee1c4613c9926402cf204cb139bb68313306892639857fd
c50e8fc3906bba3c7568133086418064afc8886326bb130e25ba286d767458e9
c67c92403e57e7d689d10f3e6ede0781b6a106aa3e698470bf591d71da9aec75
cb26bd481d3c0d4dbef7d8cd161bee006cb383e246a544266830d21656288658
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
ceb3e134330633f08e1a0cf4219b6dbc47e4acf59e0a49d0e47ff96182e89d3e
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d124f734f123591aefec637e2daa17db932469ab3009469109b15c35a9415dfb
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d55237f052f3a0d721d13d560fef05a73e255af6ec27b8d7a69193120de9bbb6
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d604a45ee42c0e5018298e6c8ef96bbaa5cfab2781f4ff324eb088c45ab02526
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57
dca08fdaefe17d482d397a2c05ed26612b4b4092411100248ec61f5b32623bac
dcc1a07b4010220ed4ac6a2ee8fc69a56e3005dae98f0c26e09a8b52a2ceb1f5
dd0711a88a80fb18fd41a44c0ab57612e2e5291b9785fd487535fc179150e2c3
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0e1c20c2b43f156e52a318090077f333099dfa88bcab94d37f9aea7a4f99728
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e1a83eea95ed624c95feaeed2c32ed29a586b47db333ee6d7f92cc2342a68dd3
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d322d792b2ba71ffad3edb3d6aa45f835010de336118786f67fb96619ad227
e7ade59c5479aef85eb7908a254a6ce8a0554962f240e83d4e92ea07733f177a
e999f9b37bb91bcaa28726529cb8f3fa5995c80cc994ca19d7845a74e464bb75
ecfb75e22f818b951efebc894f3071187a0982c2921f7f5f894b9b5e8ca4351d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13d5cccdee5742a69ce1d727428ae1e3064434cde08d1f18e03ba2c80621e85
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5efe2c9976adff2b5ac0fd36185e5fd53b03f2662bd7c8f8592bbb49ea78dac
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c
f6d5fa3bc05476a7bb9894788535fae58701600e82c3b7ec846943daeca25530
f89613498a52b70a80f9a6f876ad9d0d71fe5b1ede83ca52c2f0c08fa71a75da
f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b
fa3468ea422c09f79d2e84cea9903ca17acb7f9bb27fda0de35129893e55f6c7
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fe1f19d5e575f15242f91fff59b0b3be586a586e2ac8ea192bafce4e4850eaa1

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

305 Requests

90 %HTTPS

45 %IPv6

47 Domains

74 Subdomains

58 IPs

10 Countries

5104 kBTransfer

9484 kBSize

46 Cookies

20 Outgoing links

Page URL History

Redirected requests

305 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

305
Requests

90 %
HTTPS

45 %
IPv6

47
Domains

74
Subdomains

58
IPs

10
Countries

5104 kB
Transfer

9484 kB
Size

46
Cookies

305 HTTP transactions
7 data transactions