urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/KMYo2q
Submission: On April 27 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 11 countries across 59 domains to perform 404 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 273936.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 35.185.130.121 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.129.55 54113 (FASTLY)
22 203.75.214.136 3462 (HINET Dat...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.186.215.140 15169 (GOOGLE)
28 65.9.95.63 16509 (AMAZON-02)
38 2600:9000:223... 16509 (AMAZON-02)
20 2a00:1450:400... 15169 (GOOGLE)
39 2a03:2880:f08... 32934 (FACEBOOK)
8 2a03:2880:f11... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 52.194.27.77 16509 (AMAZON-02)
4 54.92.30.56 16509 (AMAZON-02)
2 34.95.67.231 396982 (GOOGLE-CL...)
1 5 35.201.76.93 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
4 203.69.60.97 3462 (HINET Dat...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:212... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.0.78.187 2635 (AUTOMATTIC)
1 192.0.78.244 2635 (AUTOMATTIC)
1 35.185.136.122 396982 (GOOGLE-CL...)
1 35.227.194.51 15169 (GOOGLE)
1 34.102.176.152 396982 (GOOGLE-CL...)
1 192.0.77.2 2635 (AUTOMATTIC)
4 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 52.197.12.20 16509 (AMAZON-02)
9 2a02:2638:d::2 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 103.132.192.30 138552 (RTBHOUSE-...)
10 20 35.190.36.98 15169 (GOOGLE)
10 10 139.162.23.100 63949 (AKAMAI-LI...)
10 2a02:2638:d::a 44788 (ASN-CRITE...)
6 162.210.196.208 30633 (LEASEWEB-...)
6 210.59.219.181 3462 (HINET Dat...)
1 108.138.199.93 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.218.111 16509 (AMAZON-02)
2 6 203.69.60.96 3462 (HINET Dat...)
1 65.9.95.28 16509 (AMAZON-02)
24 2a00:1450:400... 15169 (GOOGLE)
7 20 172.217.23.98 15169 (GOOGLE)
1 35.227.249.156 15169 (GOOGLE)
1 22 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.40 16509 (AMAZON-02)
2 8 2a02:2638:3::c 44788 (ASN-CRITE...)
1 35.208.216.174 19527 (GOOGLE-2)
2 178.250.1.11 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 104.80.242.37 16625 (AKAMAI-AS)
4 23.37.42.132 16625 (AKAMAI-AS)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
3 4 185.89.210.90 29990 (ASN-APPNEX)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 18.156.42.225 16509 (AMAZON-02)
2 2 37.157.2.234 198622 (ADFORM)
1 1 2600:9000:226... 16509 (AMAZON-02)
3 3 63.35.200.177 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
2 2 3.75.62.37 16509 (AMAZON-02)
1 3 69.173.144.165 26667 (RUBICONPR...)
1 69.173.158.64 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 15.197.193.217 16509 (AMAZON-02)
2 3 52.95.126.160 16509 (AMAZON-02)
1 3 69.173.144.139 26667 (RUBICONPR...)
1 1 3.120.143.228 16509 (AMAZON-02)
1 1 3.120.80.42 16509 (AMAZON-02)
1 184.73.158.115 14618 (AMAZON-AES)
1 192.132.33.46 18568 (BIDTELLECT)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
1 185.86.138.150 201081 (SMARTADSE...)
404 77
6    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    151.101.129.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
22    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b.t.ssp.hinet.net
a86f2cc3-9398-4dd6-a403-606448c34b0d.t.ssp.hinet.net
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
28    65.9.95.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-63.prg50.r.cloudfront.net
img.scupio.com
38    2600:9000:223c:4400:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
20    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
39    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
8    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
3    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    52.194.27.77 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-27-77.ap-northeast-1.compute.amazonaws.com
referer-log.holmesmind.com
4    54.92.30.56 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
5    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    203.69.60.97 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-97.hinet-ip.hinet.net
bw.scupio.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2600:9000:2127:ec00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
1    192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com
re-news.tw
1    35.227.194.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.194.227.35.bc.googleusercontent.com
www.rayskyinvest.com
1    34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com
static.wixstatic.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
10    52.197.12.20 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
9    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ac16f60e9de577bcec5657a5f1dd0157.safeframe.googlesyndication.com
f318be8a124f0324b795a16ac8d60d3c.safeframe.googlesyndication.com
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
6    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
20    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
10    139.162.23.100 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li865-100.members.linode.com
gocm.c.appier.net
10    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
6    162.210.196.208 (Wilmington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
6    210.59.219.181 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-181.hinet-ip.hinet.net
prebid.scupio.com
1    108.138.199.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-199-93.mxp64.r.cloudfront.net
cnt.trvdp.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    18.66.218.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-218-111.mxp63.r.cloudfront.net
go.trvdp.com
6    203.69.60.96 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-96.hinet-ip.hinet.net
rec.scupio.com
1    65.9.95.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-28.prg50.r.cloudfront.net
stg.truvidplayer.com
24    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
20    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
cm.g.doubleclick.net
1    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
22    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    13.32.99.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-40.fra60.r.cloudfront.net
s.trvdp.com
8    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    104.80.242.37 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-242-37.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.156.42.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-42-225.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:9000:2261:7e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    63.35.200.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-200-177.eu-west-1.compute.amazonaws.com
match.360yield.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    3.120.143.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-143-228.eu-central-1.compute.amazonaws.com
i.w55c.net
1    3.120.80.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-80-42.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    184.73.158.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-158-115.compute-1.amazonaws.com
rtb.adentifi.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
Apex Domain
Subdomains		 Transfer
67 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 135391
referer-log.holmesmind.com — Cisco Umbrella Rank: 136056
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 128432
fcm.holmesmind.com — Cisco Umbrella Rank: 146640
c.holmesmind.com — Cisco Umbrella Rank: 113652
adcdn.holmesmind.com — Cisco Umbrella Rank: 132413
ad.holmesmind.com — Cisco Umbrella Rank: 100868
m.holmesmind.com — Cisco Umbrella Rank: 277004
372 KB
52 googlesyndication.com
ac16f60e9de577bcec5657a5f1dd0157.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
f318be8a124f0324b795a16ac8d60d3c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
238 KB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
688 KB
44 scupio.com
img.scupio.com — Cisco Umbrella Rank: 69557
bw.scupio.com — Cisco Umbrella Rank: 152871
prebid.scupio.com — Cisco Umbrella Rank: 78504
rec.scupio.com — Cisco Umbrella Rank: 110323
495 KB
36 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 680
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 266
596 KB
30 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 43316
gocm.c.appier.net — Cisco Umbrella Rank: 3678
6 KB
22 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 73778
d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b.t.ssp.hinet.net
a86f2cc3-9398-4dd6-a403-606448c34b0d.t.ssp.hinet.net
25 KB
20 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
18 KB
13 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
eus.rubiconproject.com — Cisco Umbrella Rank: 798
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 39252
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
24 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 130
3 KB
9 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
231 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
52 KB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 607
fonts.googleapis.com — Cisco Umbrella Rank: 119
137 KB
6 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 38357
sync.aralego.com — Cisco Umbrella Rank: 4618
2 KB
6 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17264
1 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 273936
6 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 322
110 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 3425
adservice.google.de — Cisco Umbrella Rank: 5261
1 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
21 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
4 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
45 KB
3 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
2 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3225
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
146 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 51236
go.trvdp.com — Cisco Umbrella Rank: 36487
s.trvdp.com — Cisco Umbrella Rank: 36475
146 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
91 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1037
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
r.turn.com — Cisco Umbrella Rank: 4617
869 B
2 w55c.net
i.w55c.net — Cisco Umbrella Rank: 3045
pm.w55c.net — Cisco Umbrella Rank: 1332
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
799 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 535
950 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
1 KB
2 re-news.tw
storage.re-news.tw
re-news.tw
32 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
57 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
75 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 7904
556 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 4805
104 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1329
163 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1948
35 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
265 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1005
441 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
463 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
15 KB
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 17718
717 B
1 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 33113
2 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 4167
488 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 6267
331 KB
1 rayskyinvest.com
www.rayskyinvest.com
31 KB
1 creditcards.com.tw
creditcards.com.tw
29 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 728512
12 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
124 KB
1 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 109579
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
81 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 19093
31 KB
0 adotmob.com Failed
sync.adotmob.com Failed
404 59
Domain Requested by
38 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
ad.holmesmind.com
34 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
28 img.scupio.com reurl.cc
img.scupio.com
rec.scupio.com
ajax.googleapis.com
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
www.googletagservices.com
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
22 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
20 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
reurl.cc
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
eus.rubiconproject.com
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
20 ad2.apx.appier.net 10 redirects reurl.cc
20 securepubads.g.doubleclick.net anymind360.com
securepubads.g.doubleclick.net
reurl.cc
www.googletagservices.com
20 t.ssp.hinet.net reurl.cc
cdn.holmesmind.com
t.ssp.hinet.net
10 bidder.criteo.com img.scupio.com
static.criteo.net
10 gocm.c.appier.net 10 redirects
10 ad.holmesmind.com cdn.holmesmind.com
img.scupio.com
reurl.cc
9 static.criteo.net cdn.holmesmind.com
reurl.cc
img.scupio.com
static.criteo.net
8 gum.criteo.com 2 redirects static.criteo.net
img.scupio.com
8 www.facebook.com reurl.cc
static.xx.fbcdn.net
img.scupio.com
7 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
6 rec.scupio.com 2 redirects img.scupio.com
ajax.googleapis.com
6 prebid.scupio.com img.scupio.com
cdn.holmesmind.com
6 prebid-asia.creativecdn.com cdn.holmesmind.com
img.scupio.com
6 reurl.cc reurl.cc
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 adcdn.holmesmind.com cdn.holmesmind.com
5 c.holmesmind.com 1 redirects cdn.holmesmind.com
reurl.cc
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 sync.aralego.com img.scupio.com
reurl.cc
4 eus.rubiconproject.com reurl.cc
eus.rubiconproject.com
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
4 ajax.googleapis.com img.scupio.com
rec.scupio.com
4 bw.scupio.com img.scupio.com
ajax.googleapis.com
4 cm-dev-poc.holmesmind.com cdn.holmesmind.com
3 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 fonts.googleapis.com reurl.cc
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
3 token.rubiconproject.com 1 redirects eus.rubiconproject.com
3 match.360yield.com 3 redirects
3 www.googletagservices.com securepubads.g.doubleclick.net
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
3 www.google-analytics.com reurl.cc
www.google-analytics.com
3 connect.facebook.net reurl.cc
connect.facebook.net
2 image6.pubmatic.com 2 redirects
2 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 ups.analytics.yahoo.com 2 redirects
2 eb2.3lift.com 2 redirects
2 c1.adform.net 2 redirects
2 x.bidswitch.net 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 googleads4.g.doubleclick.net reurl.cc
2 googleads.g.doubleclick.net 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
reurl.cc
2 mug.criteo.com reurl.cc
2 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 hb.aralego.com img.scupio.com
2 scontent.xx.fbcdn.net www.facebook.com
2 region1.google-analytics.com www.googletagmanager.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 referer-log.holmesmind.com cdn.holmesmind.com
2 cdn.jsdelivr.net reurl.cc
1 ssbsync.smartadserver.com 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com reurl.cc
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
1 r.turn.com reurl.cc
1 ad.turn.com 1 redirects
1 www.gstatic.com 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
1 bttrack.com eus.rubiconproject.com
1 rtb.adentifi.com eus.rubiconproject.com
1 pm.w55c.net 1 redirects
1 i.w55c.net 1 redirects
1 match.adsrvr.org eus.rubiconproject.com
1 pixel-apac.rubiconproject.com eus.rubiconproject.com
1 s.ad.smaato.net 1 redirects
1 cms.quantserve.com 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
1 a86f2cc3-9398-4dd6-a403-606448c34b0d.t.ssp.hinet.net cdn.holmesmind.com
1 s0.2mdn.net 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 m.holmesmind.com cdn.holmesmind.com
1 f318be8a124f0324b795a16ac8d60d3c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stg.truvidplayer.com go.trvdp.com
1 d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b.t.ssp.hinet.net reurl.cc
1 go.trvdp.com cnt.trvdp.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 ac16f60e9de577bcec5657a5f1dd0157.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.google.de reurl.cc
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 re-news.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 blog.alphaloan.co reurl.cc
1 mma.prnasia.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 stats.g.doubleclick.net www.google-analytics.com
1 storage.re-news.tw reurl.cc
1 ad.sitemaji.com reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
0 sync.adotmob.com Failed eus.rubiconproject.com
404 100

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
anymind360.com
R3		 2023-02-27 -
2023-05-28		 3 months crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
feebee.com.tw
R3		 2023-02-28 -
2023-05-29		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-04 -
2023-05-05		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.gbyhn.com.tw
GTS CA 1P5		 2023-03-29 -
2023-06-27		 3 months crt.sh
*.prnasia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
tls.automattic.com
R3		 2023-03-16 -
2023-06-14		 3 months crt.sh
re-news.tw
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.rayskyinvest.com
R3		 2023-03-09 -
2023-06-07		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-05 -
2023-09-01		 6 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-09-23		 7 months crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2022-09-02 -
2023-10-04		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh

This page contains 49 frames:

Primary Page: https://reurl.cc/KMYo2q
Frame ID: CE8CF678A81AB30C5807EDF01688F51A
Requests: 56 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: B36893B40C452A00AED09074F49E4B14
Requests: 45 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 74FAE92E30BDA41C654D080530AC782C
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 0AF15C1E9AD84E832773E3DF50C49F2A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 27FAC045E558F4AECE0C5E7638195AC8
Requests: 27 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 9C2EF5D60DF1FA6AF2FCA77BF143076F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 69E9FB484BB11CE1936A2E054FD4522F
Requests: 23 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 78C4E3D6896BD77911B9F59CC91096F0
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 7110F58D492466622F1920151FA4E2C9
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: 5EF62CA886CDD8524C292D2FE8706C0B
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: CD850B5F24D4A448AD32224A23B82191
Requests: 16 HTTP requests in this frame

Frame: https://ac16f60e9de577bcec5657a5f1dd0157.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34015521625E70CB9C0AFEDE7FBD9548
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtOD2viitQzcY3wwW4HPgnuEQFFoVgkrRJIaL3bPsOAW7AAk-TPAPvcq5lehVKcL5Pe8AtXV55XcOfSqcUdMMRbn-OCdjqDF5R0l_ch7JR817QNmhVl2_6uXMAkFrtBZwOIT9GO1s4-1yyP3OhbFAKsEckBkoA6T1h4blgmrePrglSSdms4fPHk99x5Iu1hbokOw5K1eq-DSUSq3gN_tGv4uJtDao-DG4K1u8-169A6PUvgr58g8UOGgzg8ixteZNAVxDZTdIkuwWRuj9mcohw0OWKGOuRroPDha763oMQz23X5Z47xw6MaTahm_0ZURxlMfF8aV5tnTfLYZmH81vOXU4&sai=AMfl-YROvKk1E3BLtspQNC8aFH6kHtX3TL5xP7yZj6uiPvE75UT-uJG9wbtp75oIPBP8N3r6dulIDd5kExhDfAuEWlIUMnDfsczsXlCPXbJlMWaPmUCaIHF4Qx92Xk2MrRaqbjc6Qq6Y6xmUfAVW3wpP&sig=Cg0ArKJSzGyKjYsR5qQ5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A0416574D081C3FCFF52B6122DE44D3C
Requests: 6 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 6DDAFB64AF78C4C684FCDEAC7B910CF4
Requests: 14 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 4788BF74A1D86E286C24E4CF1627FEB8
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: F3603A9E15A0939199F25224AC601D17
Requests: 9 HTTP requests in this frame

Frame: https://f318be8a124f0324b795a16ac8d60d3c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 2A69E2944EC97C8946571328AB644A92
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3EC0C81BB138877C701BFDC5905CC414
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: C21E534B2E7F8D818802C7A8C8E4EF96
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Frame ID: F5A38FF8270468D7106BAEA5FE0442C7
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 3AAE4974DBE666CEE76F2B3AFF381B80
Requests: 18 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 62908375681EC20EEB2D6335900BDA2E
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C6DDB703C4577FDE37C42559E950950B
Requests: 1 HTTP requests in this frame

Frame: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 1C64FF374985A6D06A2F3EC71B827C18
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6AB4FC32F15DC8328DE9B7C495425135
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07185DF3C522BDB95293DDE8D39F925C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: C4B10CA43A7A830091807586BBB070F5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: D8D09AE9E2005EADECB295D41C539F67
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9BF37F41BC08019922960998F8845FBC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 398FCDE1673E50A2A018FB2D926284C3
Requests: 2 HTTP requests in this frame

Frame: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: BE89259BCF82368FEA432618DEEB7C2F
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: BC71511DC9206A16B81843D1F6D0B8DE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNXAOT449mXRlbMmYRAvIalc-BlAj9hWXEB2Es7XAk1-a_iEP-_-raVCGF3B9Pbe0uexqEfiiheRmEphQaPwbn1p9Qyr2lNnIAW0mEjK4G7yV14MkQZi824BuPUBDuzhOgPZVNhH7nP4BBX93e2NFzmWIcltuHEQ_LUJiqvtUcWpe8cxwr0
Frame ID: 282CDD19DE17EEDDC9EB979DBFB36645
Requests: 5 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: CA41527DA58096A06EF53583C5167A2C
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
Frame ID: 3630AD191999BD5B874A6F28CE2198C6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: CE0409957E37922AC2B04C490DE9FBAF
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE206EE4DB944E05A91CAA29B5B2280A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0937F9B529AE4B4577F24036148F08CB
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: C2E9E5A03B5D478E84EE3A661F43EA4A
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
Frame ID: 1D63D8E0FBFB41F5F8F3C03FB241EE98
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 10610D262CCFDE7B3F6F9DAE980F887F
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: 3922944E3EEF3F24A181CD41C4EBF49E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4EFC9B48DB5B6220D4A3CDAE2A9A4AA2
Requests: 9 HTTP requests in this frame

Frame: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 541DF8AB610F3CA823A5391077FE4E54
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A3E65E3D788895CA9AAE9CB4CD1F570C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 60CE7048E739F2E9C970ACD574377DD4
Requests: 2 HTTP requests in this frame

Frame: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 97EADA8301446ACA040435B9AFCD68E6
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA55BD3D6E48030EAF1EC9ADAB8D5A94
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: 49B432AA734046838BB4D992BCA75990
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BCN

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

404
Requests

90 %
HTTPS

39 %
IPv6

59
Domains

100
Subdomains

77
IPs

11
Countries

4870 kB
Transfer

11357 kB
Size

62
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 111
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=J7Zm3UDsAIqY08ZZltVKZA
Request Chain 112
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=f6tYcnlwAqCc97xJltVKZA
Request Chain 141
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=o2hmtOKsDri1faOVltVKZA
Request Chain 142
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ek_mMZNtAsGm-IrYltVKZA
Request Chain 143
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
Request Chain 148
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=v90sZwiOCECq-fYTltVKZA
Request Chain 149
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=cOI5rGroDVeVUi_hltVKZA
Request Chain 150
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xBbtMsVkCe6ifkiOltVKZA
Request Chain 182
  • https://rec.scupio.com/recweb/js/rec.js HTTP 301
  • https://img.scupio.com/js/rec.js
Request Chain 194
  • https://rec.scupio.com/recweb/js/rec.js HTTP 301
  • https://img.scupio.com/js/rec.js
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=897456-mxkQcoQ0rlAljemzeJml6LhTETpuZvsL&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=897456-mxkQcoQ0rlAljemzeJml6LhTETpuZvsL&uu_m=undefined&google_gid=CAESEPM9G3KeO3QPVFHdQlLgZHQ&google_cver=1
Request Chain 239
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
Request Chain 241
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
Request Chain 268
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=54wN9nxsZWN0L2VxZmRFd0M1UDhVUWp3blVlV0M5N2lqN1hKeEFGbUFBNUZOSnRTRUUzMW0rSEVCUWdiUXhmc0loWFc3cEg3TnFjb3VIdmEwOEZmSWRpRUZkaUc5eXRhU2l2NkxXVldOY1k5dWY1dGEwRXhpOE5MZXVBN2pIYXZaN2FsRGE3VUpQcVRjbTB3bUtpdS8vRkt4QWtMb0dDVklDblFsZ3JyUkdPcTdoaWhEVE52NmF0djJPKzIreVhiaFM2aFhBb1hMNDlleUw3SE9oeGtaOVVEcEM2c1FBSGtZKzMrcGo3L01FT3pwZGJVMVdQemZ4NVZRWWZBRS84elhSWmFQRjNPbWhwVFlEeFlKVEdBdzJkMFM2bVVRUE9sdElsQ0piWmJKZGd3c2VxVT18&cppv=2
Request Chain 269
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Oi_qM3xBdzdqYThhOGh2MHBzMmE1WW9yc3l5ZFdwS1NBTmdFVno0Zlgrd2ZHNy9uSllwcWF0M1VlVzVRK2ZPa0dFaWNmTmdjaklHcUhER2c2aWxwT1Q2cXdWWGw4Y0pOdnlnNENRZzdFVmhyVXB3ZitrSFd0cVArT0dEcS9RRm9KWXkrNU1kME9Pd0ptUUd0TE5Nd2tpVFFyamdweDc3MHQrVkFkZC83ZHhCK1p4L1BkUi95emVGUFo5ejV6ZDUvR1k5a1lOdU5iL1VtVkxvaUZFQlJvL2dFcUFWTnFPKzBVMkxOeWp6cFVKdnZqZERFdlcwWUZFTE4wNXhDT1VTSi9LNGRrV3huMFVLTTVvRzMyV00zUXI0ektyc3pUcm1hR1czWGNvajE2cXBEUFJjdz18&cppv=2
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hBMjAyMzA0MjgwNDA1NDMxNzk3NTQ%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
Request Chain 294
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1&C=1
Request Chain 304
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZErVl7fw2PGaVbErJnemewAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJSVCSLNY-usLFqf5JUqc3s&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJSVCSLNY-usLFqf5JUqc3s%26google_cver%3D1
Request Chain 306
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkyNjI1MDUzMzc1Nzk3MDQ2OA%3D%3D
Request Chain 308
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPgZT_xSWKiU783YyeT8vW4&google_cver=1&google_push=ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2LEwpp4BnphQzmX HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPgZT_xSWKiU783YyeT8vW4&google_cver=1&google_push=ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2LEwpp4BnphQzmX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2LEwpp4BnphQzmX&google_hm=1HpmcksIS62Ft4yCVa4duQ==
Request Chain 309
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENO15XtSJaRNdSfvLnJNr5w&google_cver=1&google_push=ATf1kGN1R0Vt48HSjfD61wgD8-J9pZQrJKucPCx0LLXkqXFcb12fsZdj6xH5-jV9d2pZx0mPierw08QyV3e7I6y5EV4s_9GOb5Tl HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENO15XtSJaRNdSfvLnJNr5w&google_cver=1&google_push=ATf1kGN1R0Vt48HSjfD61wgD8-J9pZQrJKucPCx0LLXkqXFcb12fsZdj6xH5-jV9d2pZx0mPierw08QyV3e7I6y5EV4s_9GOb5Tl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY4OTUxMjU1Nzg2MDI3NjQxMw&google_push=ATf1kGN1R0Vt48HSjfD61wgD8-J9pZQrJKucPCx0LLXkqXFcb12fsZdj6xH5-jV9d2pZx0mPierw08QyV3e7I6y5EV4s_9GOb5Tl
Request Chain 310
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH0vyzKQFSffsCfQKC6xfRQ&google_cver=1&google_push=ATf1kGOWZwZ2BRmGv47JOURAqgbiCAJwJAeppA2jErfoiDKW-HsqZwMNKOEymtbhi3CZAsoi3UDmlI7MWXFsg8FNLrdMC6toX7H6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOWZwZ2BRmGv47JOURAqgbiCAJwJAeppA2jErfoiDKW-HsqZwMNKOEymtbhi3CZAsoi3UDmlI7MWXFsg8FNLrdMC6toX7H6
Request Chain 311
  • https://match.360yield.com/match/ebda?google_gid=CAESEGbWNVUXR5P4f7TfEqG9eiQ&google_cver=1&google_push=ATf1kGPEYYb52xHDDbPu_xpSW53NpYM7BW3I4ebZHw6X2ltnVD1aeLSG5pUcEHso-JHJhrYVzA_WNniV1G31mQX9AONNAuLt6TbV HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGbWNVUXR5P4f7TfEqG9eiQ&google_cver=1&google_push=ATf1kGPEYYb52xHDDbPu_xpSW53NpYM7BW3I4ebZHw6X2ltnVD1aeLSG5pUcEHso-JHJhrYVzA_WNniV1G31mQX9AONNAuLt6TbV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvqRmK0xTp6g04KNrsNQPA&google_push=ATf1kGPEYYb52xHDDbPu_xpSW53NpYM7BW3I4ebZHw6X2ltnVD1aeLSG5pUcEHso-JHJhrYVzA_WNniV1G31mQX9AONNAuLt6TbV
Request Chain 312
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJrgCgVmjkt_Xm5LqGxt9AU&google_cver=1&google_push=ATf1kGOSTQUGSulip9VGftoM91Ew1q-8C_Nnnhp2FG34nO4Tx5utvUmMreBpvesUsqhb4hYWQkHeuMLdw7Vn-Xsjos1ryoeaR0gi HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOSTQUGSulip9VGftoM91Ew1q-8C_Nnnhp2FG34nO4Tx5utvUmMreBpvesUsqhb4hYWQkHeuMLdw7Vn-Xsjos1ryoeaR0gi&google_gid=CAESEJrgCgVmjkt_Xm5LqGxt9AU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA2MTQwMDc0ODgwMzczMDA0NDI2MQ%3D%3D&google_push=ATf1kGOSTQUGSulip9VGftoM91Ew1q-8C_Nnnhp2FG34nO4Tx5utvUmMreBpvesUsqhb4hYWQkHeuMLdw7Vn-Xsjos1ryoeaR0gi
Request Chain 313
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENi55w4xs4Dkytd1jpDF_vA&google_cver=1&google_push=ATf1kGOKDZGrz8HCOMREKMMpgvaf8SCAMoXfd2tYFYlhdTpNXTlvSI6Qqq1ebVQAyJSAEWD8Q-HJW4fdxPVeHF_fR18ROdJERhk1DA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENi55w4xs4Dkytd1jpDF_vA&google_cver=1&google_push=ATf1kGOKDZGrz8HCOMREKMMpgvaf8SCAMoXfd2tYFYlhdTpNXTlvSI6Qqq1ebVQAyJSAEWD8Q-HJW4fdxPVeHF_fR18ROdJERhk1DA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1peUswMGloRTJ1RVpSamtJZTF2bUtuNWhHV0ZWeFBPaH5B&google_push=ATf1kGOKDZGrz8HCOMREKMMpgvaf8SCAMoXfd2tYFYlhdTpNXTlvSI6Qqq1ebVQAyJSAEWD8Q-HJW4fdxPVeHF_fR18ROdJERhk1DA
Request Chain 318
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1ZBMjAyMzA0MjgwNDA1NDM4MTY2MTM%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
Request Chain 321
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 339
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Request Chain 341
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vjGt5BJ9QlOBL192alwgVA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vjGt5BJ9QlOBL192alwgVA
Request Chain 344
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=JOZ3f5MD1PS7S85&expires=30
Request Chain 387
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 390
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOYY_N1Mo9LANb2okL2m0xQ&google_cver=1&google_push=ATf1kGOVn-UCG5YHa4nRYoIhD9xhP3YfqbrD39XmuTyT1i9CPFhp4voYS-CVLIGKLY476S-aETCZBjUuX2cS_P6ijmoJnmFXUCqe9Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM5NTA5ODI3ODc4ODcxNDAwNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOYY_N1Mo9LANb2okL2m0xQ&google_cver=1
Request Chain 392
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJEHQKc-36XFq6fxAbmPcbQ&google_cver=1&google_push=ATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJEHQKc-36XFq6fxAbmPcbQ&google_cver=1&google_push=ATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 393
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMVDNqXnzE8vxs-ubv3hO_E&google_cver=1&google_push=ATf1kGPxNPbbKFBDRLfSyf9HpLL28LEChZZiVBr0BR2a0tQMlE1w8N8VszuQe9UZur3tVSgZP3ah1FlW7aH7xdl3BGQL3SzPCqdVIw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lACR04XtR3mebTVoHunA3Q2&google_push=ATf1kGPxNPbbKFBDRLfSyf9HpLL28LEChZZiVBr0BR2a0tQMlE1w8N8VszuQe9UZur3tVSgZP3ah1FlW7aH7xdl3BGQL3SzPCqdVIw
Request Chain 394
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDGkEPPBgiWcswY4wbY19wA&google_cver=1&google_push=ATf1kGO7L4BG_9QQh2f74u8drB93Kv7Fb6PS_iLRvVnRU2F7DXk5T_Cqy8Movf-fXDjmOlV5U8C3ZGUSHAhVACJYKc1bOPEyvaMyQA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDGkEPPBgiWcswY4wbY19wA&google_cver=1&google_push=ATf1kGO7L4BG_9QQh2f74u8drB93Kv7Fb6PS_iLRvVnRU2F7DXk5T_Cqy8Movf-fXDjmOlV5U8C3ZGUSHAhVACJYKc1bOPEyvaMyQA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=72CHBDAzTTu3JxsabgDZ_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGO7L4BG_9QQh2f74u8drB93Kv7Fb6PS_iLRvVnRU2F7DXk5T_Cqy8Movf-fXDjmOlV5U8C3ZGUSHAhVACJYKc1bOPEyvaMyQA
Request Chain 395
  • https://match.360yield.com/match/ebda?google_gid=CAESEGbWNVUXR5P4f7TfEqG9eiQ&google_cver=1&google_push=ATf1kGPRMR_ux2CqVaw2IXSPCiDZPItLiZN45sIvyw7t3LsAMB07Fd7SrjD-L8DsFvb2rf2RFp4gtVPLOEr_rJqi3qFiGpv0SqIrDQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvqRmK0xTp6g04KNrsNQPA&google_push=ATf1kGPRMR_ux2CqVaw2IXSPCiDZPItLiZN45sIvyw7t3LsAMB07Fd7SrjD-L8DsFvb2rf2RFp4gtVPLOEr_rJqi3qFiGpv0SqIrDQ

404 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request KMYo2q
reurl.cc/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
33179e1395b37a37fa60835c8a66765a9983934812d222f809bb525f2bf196e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:05:40 GMT
server
nginx/1.18.0 (Ubuntu)
target
https://pofneb.patiakvaryum.com/
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5571082
x-jsd-version
4.3.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230028-FRA, cache-yyz4557-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjUsMSDNPPJE6OlHyu15AMIt%2BbHDoYjVbMyehot%2FPzzJcuTtL93XhuyqGZCqJ4CWV5pzuQc3MYl0vx5FcbnOnYSuc27NAGX%2BHwU03CbYmcjEMETzc8mMndwEhJj%2BKwc1BJojW%2FKnM6O0cf52xZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7be9ae7edb729bc5-FRA
style.css
reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/KMYo2q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Fri, 26 Apr 2024 20:05:40 GMT
ats.js
anymind360.com/js/9479/ 		124 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Thu, 27 Apr 2023 06:31:43 GMT
date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
48836
x-guploader-uploadid
ADPycdulXtcXHk-kkJxPxf0Hpn5-KoBJmNuvpqHyeTWzA8zraDoCvKIr1O0wm8l6D7GqYWxz6jOucT6Tc4AUyDME2kW0tw
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31540
x-served-by
cache-tyo11964-TYO, cache-fra-eddf8230093-FRA
last-modified
Thu, 20 Apr 2023 06:30:15 GMT
server
UploadServer
x-timer
S1682625940.339128,VS0,VE8
etag
"952e4c8d56156d3e3cc5e40a9b199ed2"
vary
Accept-Encoding
x-goog-generation
1681972215759031
x-goog-hash
crc32c=h0V3+Q==, md5=lS5MjVYVbT48xeQKmxme0g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
31540
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
177, 1
pixel.js
reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/KMYo2q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 26 Apr 2024 20:05:40 GMT
utag.js
t.ssp.hinet.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 27 Apr 2023 20:15:41 GMT
js
www.googletagmanager.com/gtag/ 		237 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e38a36fa1ddb68d789c195554f0b0bfaa013ae69846b894d0cab2c745dad5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82727
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Apr 2023 20:05:40 GMT
ysm_reurl.js
ad.sitemaji.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 16:00:50 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:55:05 GMT
server
nginx/1.12.1 (Ubuntu)
age
14690
etag
W/"5d0b49e9-4488"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Fri, 28 Apr 2023 16:00:50 GMT
ad.js
img.scupio.com/js/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 01:19:47 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
116
etag
W/"641a57b3-12f95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=900
x-amz-cf-id
E7ldknTo0Wx3CyKwIB8mjLPLXK4BVfJpo97rfhP6LFdTTj8vFhn6HQ==
expires
Thu, 27 Apr 2023 20:18:44 GMT
init.js
cdn.holmesmind.com/js/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
7G6oOBMjdeWk3fCC2bapuP6Qk7hbJS6v
date
Thu, 27 Apr 2023 20:05:21 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
20
x-amz-server-side-encryption
AES256
etag
"6c37b2eb5706a6225b62a75a80493f4a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17750
x-amz-cf-id
bhyHNrk4sBYCsfBO6xUjuCC4oP42Y4b1y2KYVXkAAxBYM78QqkMCrQ==
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5571022
x-jsd-version
2.5.16
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230020-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88ETUTLg9m%2BjDGPA4UuoxN8ZjjyRNFrLYnaVdTPpBacpTSNjnVns%2BS3ICDjNoWEwLqe3EPcaQmsIIlOxBHYAANja92m8rG6iEKxs7EH5uX5oWYeEhmMvvCdQv16PdRtiFn6khTBx5Zko5rl8QOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7be9ae7edb749bc5-FRA
renews.js
reurl.cc/javascripts/ 		412 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/KMYo2q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-19c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 26 Apr 2024 20:05:40 GMT
loading.js
reurl.cc/javascripts/ 		134 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/KMYo2q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 26 Apr 2024 20:05:40 GMT
ga2.js
reurl.cc/javascripts/ 		536 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/KMYo2q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-218"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 26 Apr 2024 20:05:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/9479/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
107c89290c73e58eb01ef67e23270a260b1e513d646b4ff076a54b20f8d93dc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24737
x-xss-protection
0
server
cafe
etag
267 / 19474 / m202304240101 / config-hash: 18361539349155083424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:05:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 27 Apr 2023 20:05:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
L012UbJEpBsHjj2b15P1kWW43Q9QuzVlDUZqqT74qWltlDZhlCvxNKUKc03sE9JB/Jr/M6hD2wyarpeAPqTiig==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame B368 		96 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6de5be46a81e20d4a819c54794885c99a49e7e34f9c677e1f252b6d655da75df
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:40 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
D3+5vVg+pR/yrudvNhzav2IwvWgUTkGFprOk5fu/+Dn3oMppx8BKFeSx5/Ad953ZTRK/G8UkKejSwF0FM5tQ2g==
x-fb-rlafr
0
x-xss-protection
0
feeds
storage.re-news.tw/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
dc64eea41008e0953eb597d829826c65cb9f5a7529a056ae979ef79a6ab13ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1e77-e4ydLalxNwoYD29O7kIqWJyYfxM"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7799
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Apr 2023 19:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3636
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 27 Apr 2023 21:05:04 GMT
1675200226052423
connect.facebook.net/signals/config/ 		150 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 27 Apr 2023 20:05:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42315
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
dLsXsma6Lt3PBSR80sVaxOnNM88NbyhYNgogDlUWUKLO1bTVAc6nLTczQDjksC1EfVI2pkAWmIl+B09Y02SFcQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
create
referer-log.holmesmind.com/api/v1/kinesis/ 		51 B
261 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13856&domain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.27.77 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-27-77.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
capmapping.htm
cdn.holmesmind.com/js/ Frame 74FA 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
58
content-length
7381
content-type
text/html
date
Thu, 27 Apr 2023 20:04:43 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Thu, 27 Apr 2023 07:45:59 GMT
server
AmazonS3
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-id
1IDFwohPQFAv8yjmK1s6sFYHpwGBylL5sK-bmmFWS-cvJ-wNpxfuRw==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
UUwcIfIJRUq9jl_3zZZ_gKIBA76frGur
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ofQLmtuFKXc4_qJ8vWwFRRweUsHZhpa4
date
Thu, 27 Apr 2023 20:04:54 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
54
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
pjdQPxKeZuEneucrOJ8L1PHAJk0aE5_bQN8wy3ZQbvSpIyw-wvcqxQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 0AF1 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
b6NLfBNbZuuhe0mNP1aWahjxel9mXWRo
date
Thu, 27 Apr 2023 20:05:06 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
35
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
CdgkaOUdS39dsv1vqssls9U2L29FCmbWlzUYQgSPtdWXZqRlVOuthw==
presetfn.js
cdn.holmesmind.com/js/ Frame 27FA 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
b6NLfBNbZuuhe0mNP1aWahjxel9mXWRo
date
Thu, 27 Apr 2023 20:05:06 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
35
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
pafXt-9j_BXhQbrPk-3CP6YQZKpxCVOPcsSKz9Et0dkJFaYkiMdeYw==
presetfn.js
cdn.holmesmind.com/js/ Frame 9C2E 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
b6NLfBNbZuuhe0mNP1aWahjxel9mXWRo
date
Thu, 27 Apr 2023 20:05:06 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
35
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
vLcbD_Uui1su68Ww0mcLbAhUYenJ8Nm3a-9y7p97y8FS_gSGEV_mYw==
presetfn.js
cdn.holmesmind.com/js/ Frame 69E9 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
b6NLfBNbZuuhe0mNP1aWahjxel9mXWRo
date
Thu, 27 Apr 2023 20:05:06 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
35
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
fR52c6zpi7QIVvW9jExudTJgZaRaxI22QiUG8TpniYRGPcK4v7cwPA==
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=311818070&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FKMYo2q&ul=en-us&de=UTF-8&dt=BCN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1655549631&gjid=426538962&cid=382969064.1682625941&tid=UA-102456694-1&_gid=796129039.1682625941&_r=1&_slc=1&z=115249539
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=311818070&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FKMYo2q&ul=en-us&de=UTF-8&dt=BCN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MjE3LjExNC4yMTguMjU&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=382969064.1682625941&tid=UA-102456694-1&_gid=796129039.1682625941&z=2136150921
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 06:05:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50390
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 78C4 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:05:41 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 7110 		39 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:05:40 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 74FA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 27 Apr 2023 20:15:41 GMT
cm
c.holmesmind.com/ Frame 74FA
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 74FA 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je34q0&_p=311818070&cid=382969064.1682625941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682625940&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FKMYo2q&dt=BCN&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
17229.json
img.scupio.com/js/config/ 		461 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
2f40eec74eadfe630474d2e05285e9c8a8aa47eb1ebef18c176422f11709f3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 20:04:07 GMT
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
92
x-cache
Hit from cloudfront
content-length
461
last-modified
Thu, 27 Apr 2023 02:20:37 GMT
server
nginx/1.15.2
etag
"6449dbf5-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
WRo4yO9N-qHD_cO-gduUgipw8qD1-hxfgoZ14CV4VPXfXx6vRQMu8Q==
expires
Thu, 27 Apr 2023 23:04:07 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.4166385296700976
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-97.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 27 Apr 2023 20:05:41 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame 5EF6 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.67
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1409
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 19:58:24 GMT
etag
W/"641a5637-14dfe"
expires
Sat, 27 May 2023 19:42:11 GMT
last-modified
Wed, 22 Mar 2023 01:13:27 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-id
tLbcIM336quOBFh-RaCArOLTJBGlWcctc-We5CsZqhtsCUzX61p1fw==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/ 		461 B
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
4598aacc92f06a61ae939c7190912dc237228d726c0651932b3f2a06ed4faf00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 20:04:07 GMT
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
92
x-cache
Hit from cloudfront
content-length
461
last-modified
Thu, 27 Apr 2023 02:20:38 GMT
server
nginx/1.15.2
etag
"6449dbf6-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
wlrp7lXOJSaCsAo2nQUvZIypzvLpwMntOew-H-jVMenj3uxHKsIldw==
expires
Thu, 27 Apr 2023 23:04:07 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.8610500406669845
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-97.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 27 Apr 2023 20:05:41 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame CD85 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.67
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1409
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 19:58:24 GMT
etag
W/"641a5637-14dfe"
expires
Sat, 27 May 2023 19:42:11 GMT
last-modified
Wed, 22 Mar 2023 01:13:27 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-id
ova0TRpW6NWEB8-wPkBExEZRHv1BP372yc_VB0zNFkAfl3xlByzVrg==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
inferredevents.js
connect.facebook.net/signals/plugins/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 27 Apr 2023 20:05:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
g09i5tE+1YwAq6rgvWOzEQY4nHenDjSdvWLGl5T5XuWd2vAhmE4kf7NqU+ZzoyJuCn2j8vq2R9bH4ocvcTCsGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-102456694-1&cid=382969064.1682625941&jid=1655549631&gjid=426538962&_gid=796129039.1682625941&_u=IEBAAEAAAAAAACAAI~&z=1139064432
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 27 Apr 2023 20:05:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
K_oXAr0AjlB.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame B368 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/K_oXAr0AjlB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cc3c2425bac1acfe581d8ce40f1c3bd7650670fee4e6445afe7d4f808898fe02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0285gTcRjwq1st/erAgKmw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5307
x-fb-rlafr
0
x-fb-debug
y1O2KwrMHoc4uo1cgkhHp3GlNNRTPvn5o0F+OBD5JDkClDxT09UDAfEgyXjTMEqRrzzYRD0/f4dntY2uRArvqA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 26 Apr 2024 17:42:09 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame B368 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
POoYy8etSn0kOF8BkM5+7jd0Jz0QvV3YAaibuWxTVdc7uVN9dapTPKtxAp5ytQ8x1yjSovHI+2r/2udNfeg3XQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 17:52:07 GMT
5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame B368 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fl5R7gBdn+7q3joF/eO71w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6398
x-fb-rlafr
0
x-fb-debug
TtEu9RNgUSzhQKtOQzxA+NAsB3VZNMfQWawmdEQmdAvK1LUDG90Fxd6S1T5LoMAD3/r41nNuiK61vB0D5r+6mw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 07:51:43 GMT
MSx3GqsU_hV.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame B368 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/MSx3GqsU_hV.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f15d2e8981f25820d430babc74133465517d65836e9375d4d93168e04356a11d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
I0cFTBflTdKEMyNACqaZgA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4840
x-fb-rlafr
0
x-fb-debug
T9x65MCVIBbmcxom3+hexcqEzQRALlOVqpr8W2Ax/qEHuJ3Frpbq6OkjXdJKg+oaZG7Rn1aCRnuz/e7lQ7iZPQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 17:09:11 GMT
BWAw9Os-g2M.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame B368 		305 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
992c5e398f3092e2be5c546c589c4c5d91c20490e78d2f215f76fe2fc48ef592
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qLXsFV/3MWcOco6vl8TBow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81761
x-fb-rlafr
0
x-fb-debug
1NmoUHFWomki9foz5Xnf6m0Vy2V5xwT5opPmTFrHDTJdyfiXX3SXpGisFIjUUE0VCrzcsSA1oI71fu0cLHidJA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 23 Apr 2024 19:16:03 GMT
TXms_HrZwKP.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame B368 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/TXms_HrZwKP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30a288f4b8350f8121ceab4313aa78320d3a313c7425136323191ced5b6a0b65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5xeNXxWs1OEER8b29ktDpw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17978
x-fb-rlafr
0
x-fb-debug
/iM1n73TUqzLPMKwcZV0jL7UAIP4hBbJ1UVPqWBQmZ4k9GQGxJJuhs5X5ACykAgbalyXU9kRCkiZIr7uOKPpTw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 19:36:54 GMT
q55PMpzZgkW.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame B368 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/q55PMpzZgkW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f7cf499374cfb2383a6986a2195b4167801dc98421d3fecfb4a86fdd08734a2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4bPG9qP7lYdgXiSXb3qODg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17489
x-fb-rlafr
0
x-fb-debug
RgW7+sVPgYjwoqbmYa7nPh+xQAaLnq1/bPIfzlIVlvgoMmLlBNBfPmMTOnHW1hSFb2b9piRsv2noaKQPREbzjA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 18 Apr 2024 00:30:38 GMT
W6KJdIJLkRh.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/ Frame B368 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/W6KJdIJLkRh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
75297c795593ca3ce17644e50df05b460379d57389a9974aaba810729b399dd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zI9CSm/o5TqjcBqIhWombw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22542
x-fb-rlafr
0
x-fb-debug
Em7Dpk/a2YdusCpUxbNcm+DMB+dSmWv3qRdoGJv+XyAOegIyAmMCdj25+VhUxjWqFWQf9KplEC04WSijTnBI4g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 19:55:48 GMT
JQAN4ZyfLoh.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame B368 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/JQAN4ZyfLoh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e29bdb0686b391e46551abc9587a2880ba03a656ca91c55d33027cec614fadfe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5I6IdhzbD3ZvBrMRbC/pSA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4986
x-fb-rlafr
0
x-fb-debug
JKCRxyjWyZ1/eFhaHKxUGb6b6zSFvzC6Qb4aKFGMGwuRYrHK61TXXsFun6xkt5zxS0rG+lNmdWZb8s9UHSt3zg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 19 Apr 2024 20:05:19 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame B368 		507 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
3756pJREhNqJR3vSlxCjRxSl1EiDdHYUUq8ZcBFxy8I1HrztqFJ5hppYQM44k+aZgiCeewmPUPOVUfaHu4f0NQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 05:47:15 GMT
POvYszFhNFc.js
static.xx.fbcdn.net/rsrc.php/v3iLNf4/y3/l/de_DE/ Frame B368 		206 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/y3/l/de_DE/POvYszFhNFc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c09351d1c18c6164a7f46358a8566ccdd73c2b5f3cc78d05a5c2622f092dd309
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0z8CmRRrBNNwyOW6wUsy6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
60270
x-fb-rlafr
0
x-fb-debug
9WeY9/0+emsos1Gm1UhHt31LTbEfXkQjZ8Q5ogVF/foRfi3j8f/gjFXXOnRcGXP+Fe+M8zK8itHXneXF+YzRIw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 19:55:48 GMT
r4a3QRhOoun.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame B368 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/r4a3QRhOoun.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9e69e15d6ef8ea1c7a0590b19efa29323f4ba40f3af0bcfc665f1c35ca50c8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7Z5vEhjBpZ5QNJQY63PI5A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1755
x-fb-rlafr
0
x-fb-debug
be50biop++6hGonfyOfdyssiLvAKd35uJpSTcHrA540MJTJ3I5csrC9/ZqOUrCtgyZvXUCWAKeR+I8bL/YpaeQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 16 Apr 2024 17:05:22 GMT
Nx1FAsJNBJM.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame B368 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/Nx1FAsJNBJM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3b2127035d2f4e955c8bb19372f4be0aad2a9fb006a4e3724180d18e93fc8d99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
htSkoIVgf+B7cn1FY6Cubw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11301
x-fb-rlafr
0
x-fb-debug
aMkBgprpSv0B1x81Ng8yb6iACqA0Rb45l7rsGtq+icinS9M6UWHNLyJNi++sbTV37V/Gy+whG+/x44Z49hhDXg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 23 Apr 2024 20:36:12 GMT
3XQaPtEXJDR.js
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame B368 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/3XQaPtEXJDR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff102d71034914f374671e6a221823b3930a72b45a5d9a202d05fceba2e9770c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GO/Es7KP2uN/eyXnmJRFpA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2753
x-fb-rlafr
0
x-fb-debug
cfDGKt14QMxRBJd3xoaOvMNMF5GF4t4ekNMQasE3E7cXJomPDDCT13/Y1dkJj4Z5BE0T//u5i4Nd8oTHkdbpVg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 19 Apr 2024 20:05:19 GMT
dWJDEofg2O-.js
static.xx.fbcdn.net/rsrc.php/v3i2dl4/y1/l/de_DE/ Frame B368 		329 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2dl4/y1/l/de_DE/dWJDEofg2O-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c478da78aa856283ebb811de7803f1ab170ac0c5963e8577902aca8e7ab5f85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
C3Pz0Usz58KyCOYGyQOAJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
79246
x-fb-rlafr
0
x-fb-debug
N6hftKWrPy8Rb3LiIDbNlYnS6RZZHJ19KDPtogw6DFhu+/Hqy8VLsS9YhrpgOtrE6i4VEzhkcGK1EBkDMqs1JQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 18 Apr 2024 22:14:44 GMT
sWZG_XqJLzd.js
static.xx.fbcdn.net/rsrc.php/v3i6WS4/yM/l/de_DE/ Frame B368 		411 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i6WS4/yM/l/de_DE/sWZG_XqJLzd.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad41fd3b223238a8c460a8ecf0265a9ab67521cc855247196200a367940b2094
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/1jaAtDDwAebspX3wSLDcw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
98702
x-fb-rlafr
0
x-fb-debug
KSFTFe3GIEbSP/3zF7cEFTf6KSC4tLqPcmteusXHRLylZWVKPebBFBhanh9veyNqfoIhf/rEW6MqgLW5XITO2Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 26 Apr 2024 17:24:45 GMT
lYejkzyV906.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame B368 		723 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/lYejkzyV906.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
naOE1m8tmTZ0fVAYNsTRiA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
387
x-fb-rlafr
0
x-fb-debug
wwLB3s/+o2dktYayzhnect76rO1EC1NYHNHKgSrKP/EEcvRPIpoRN7uMOS7Fd3qkWwYE5GJ8nGYRLOADLnlevQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 05:47:12 GMT
czxodnpB65Q.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame B368 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/czxodnpB65Q.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66af17387128992af4402effee7421b5c6393e3c4b21d398deca36f05c0aae68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NclpikSG+Uh5Xmo92LTGVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5110
x-fb-rlafr
0
x-fb-debug
cwiZJFoM4pHDHviVsBFYEhf/hwrYwE5tInIeI5+BMvtU6NcIwE19cS5yS9ECvOZn6cVYJrZaoggdpvxolyYTQg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 17:04:11 GMT
5h6u_2d41rS.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame B368 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/5h6u_2d41rS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
75147bcc1a5f043c2772e31ec9fb7eba8afad57d32e69e5d95f6a97a6901c2aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AjZWGfWYa9NcTQ40sFsFUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7339
x-fb-rlafr
0
x-fb-debug
5G1Wp0/2+rksCs3NuG9J1TZnUjkKh+tStNJJUW21wZ8fqwz86VUVrBnyLjh9uiCLybTtX4+J/ZFkJDrDHgqH6g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:32:04 GMT
vY-feP3DlKL.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yW/l/de_DE/ Frame B368 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yW/l/de_DE/vY-feP3DlKL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fc913e461fbd33f43de9417be3481130ab5d496390a2ae7ac0861c100e2a623
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
61nArJOZC4rkI9bmFZvp5g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14105
x-fb-rlafr
0
x-fb-debug
o385pUemEXJqY8WRA8k8OiwlLTmkjWQ6NeHatOuJz/wG+0MRLbgnFZpJqwiNbpyegt7inGpsIqqL4QPycPtBaA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 26 Apr 2024 17:24:45 GMT
7TQpq0fzfu4.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame B368 		2 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TLChQoDhUYzpJFadDZTs1A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
782
x-fb-rlafr
0
x-fb-debug
F8yT7rfFjje/giTfgl8/nNNMjOwjJP31AaCXGpxFs5GZqDXn5nxeNr4v3vAnLFY3JHGBK2sFumpTKNYqXyNeEA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 05:47:09 GMT
h8ulkmpky8f.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame B368 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lbhbphR1BNPxW6RqDJiiow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15174
x-fb-rlafr
0
x-fb-debug
+ihH/Dv69p1rjl7vS8Rm3gmojQfupdosM9ypdgd6te3z/TQqNQ6edfljhZhsLDLPTY0TGgnUZBoEluGa9exLSw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 05:47:06 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame B368 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=MBjBCcFfMPIAX90YN92&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfBNlX4KQda42rOO_3hTE0WtSBLn2BS2opdM7NsoIkX5qA&oe=644EE9C5
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-haystack-needlechecksum
1290236993
date
Thu, 27 Apr 2023 20:05:41 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame B368 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=ZuCl7pQwijMAX90pmzK&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfCdMssxDJfhZfzbzcum-tIOqNsspe_0bx37Qlra1D8qMw&oe=644FA395
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-haystack-needlechecksum
760809244
date
Thu, 27 Apr 2023 20:05:41 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
Preset.js
adcdn.holmesmind.com/adserver/ Frame 9C2E 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ec00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:02:32 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
188
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
CjGcQMy1uHakdcAyiAnYCWGL88PIWJidbbIyb0N1-N9rn31mssIuuA==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 27FA 		1 KB
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ec00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d2fcc495189430b96578537046dc018a8f35ce50167af818560d1b032c4b201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:02:26 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
194
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
0URqTgx01MqGxmlEj_Xd53m4LLqQo6pdWrt5FFD5hYcFKhCM5TenXQ==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 69E9 		756 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ec00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ede20041bf104095302e63753987b35d2b4bd8c1761ca246df8d7350385de315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:02:27 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
193
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
3K9LpPVHK_3lAMRd5b2pQGHuxKywPLb4ztF8rT8V35lh67g-h4-5_w==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 0AF1 		738 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ec00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4f1e7c977a8db7d830d597dd66834f6bf605e75cc6360a3687c3279251f812ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:02:26 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
194
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
Rn7SszT-AWdvTFZRu0tJiCICyHdZi9bsLcfOFEOzzq_VcKonFiwllg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/ 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:39:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
33971
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126426
x-xss-protection
0
server
cafe
etag
12107163058553792566
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Apr 2024 10:39:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		544 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
expires
Thu, 27 Apr 2023 20:05:41 GMT
1682599586-97acf0f11c7f11f8ad0dc0a46bcc66c3-840x525.jpg
img.gbyhn.com.tw/2023/04/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/04/1682599586-97acf0f11c7f11f8ad0dc0a46bcc66c3-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e985d166bc9935d2b845294e5d1a4581fbc959f905534259d37c497ca543d7e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25341
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126634
last-modified
Thu, 27 Apr 2023 12:46:26 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQy%2FE8l2IgqcqriL4bo00hxNGV2NeKwowrO%2BcxDYU1lsBiHAzEMQVNPHP9WRCiD4Mo%2FWgjhP%2FJT40lQkgLDOCIURD5eSU32IOEYZtRhxJhpXvRqJZ6bA33TpwS4cH%2BGgCvxUApmq3t7qLUpQqA61"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7be9ae85faea3684-FRA
expires
Thu, 04 May 2023 12:46:42 GMT
Azentio_Logo.jpg
mma.prnasia.com/media2/1978771/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/1978771/Azentio_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4ec7e2cdfaf63939b2388677506d602546be7d1a21a55e8ab672d34cbe6ea80f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
cf-cache-status
HIT
age
40512
x-powered-by
ASP.NET
server-timing
intid;desc=3595525c9f7ff3e2
content-length
11597
cf-bgj
h2pri
last-modified
Thu, 27 Apr 2023 08:49:25 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
7be9ae83689d2c3e-FRA
access-control-allow-headers
Content-Type
expires
Thu, 27 Apr 2023 08:49:26 GMT
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000
x-ac
2.hhn _atomic_ams BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Thu, 04 May 2023 20:05:41 GMT
%E7%AC%AC%E4%B8%80%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2020/10/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2020/10/%E7%AC%AC%E4%B8%80%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
eeb3eb1e187914e1b1c8ab2caa84833623a729d5637ba825cd6843c18d6379d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.hhn _atomic_ams BYPASS
content-length
29780
x-nc
HIT bur 8
last-modified
Fri, 04 Feb 2022 08:01:13 GMT
server
nginx
etag
"3ef873d7de319323"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sun, 04 Feb 2024 20:01:13 GMT
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94...
www.rayskyinvest.com/wp-content/uploads/2023/03/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2023/03/ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94%A2%E5%93%81-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.227.194.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.194.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 27 Apr 2023 20:05:41 GMT
expires
Fri, 26 Apr 2024 14:41:59 GMT
last-modified
Thu, 30 Mar 2023 16:44:53 GMT
server
nginx
etag
"6425bc85-7a08"
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
31240
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		331 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 00:52:36 GMT
via
1.1 google
server
openresty/1.21.4.1
age
673985
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
338711
wix-tracer
2OfW8QkBMnUPk3IAs0V2krc3XQG
x-seen-by
image-manipulator-54fd5c7947-mnr6n
1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 		487 KB
488 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Jan 2023 09:08:26 GMT
server
nginx
etag
"42053212710e4c28"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length
498450
expires
Wed, 08 Jan 2025 21:08:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 5EF6 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 12:09:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Apr 2024 12:09:24 GMT
prebid.js
img.scupio.com/js/ Frame 5EF6 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
4
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
rJjIOm-VXAFkkqRfi5yaEk4XCPiOPZa47zyRSpYJ9iN6u95WIzFSXA==
expires
Sat, 27 May 2023 20:05:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame CD85 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 12:09:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Apr 2024 12:09:24 GMT
prebid.js
img.scupio.com/js/ Frame CD85 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
4
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
FGmnVdtzgfSNnEP31Vwk0Hz7vDr08AHU_Q4usv3xq60KELB_t1p9_Q==
expires
Sat, 27 May 2023 20:05:36 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102456694-1&cid=382969064.1682625941&jid=1655549631&_u=IEBAAEAAAAAAACAAI~&z=1770553957
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102456694-1&cid=382969064.1682625941&jid=1655549631&_u=IEBAAEAAAAAAACAAI~&z=1770553957
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FKMYo2q&rl=&if=false&ts=1682625940978&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682625940974.924513054&it=1682625940615&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 27 Apr 2023 20:05:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ads.js
ad.holmesmind.com/adserver/ Frame 27FA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=20&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
75f5e7fd34dae79b735a4434f09f26dbbc0dd194f9876d2fec88c614a7774453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 27FA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nBWwdHcz25sluEl1QUCXz6TiME332iNl
date
Thu, 27 Apr 2023 20:05:07 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:46:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
35
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
W6gvqUAIra_Ka_eVAKqGXugL0w6fmKHnX9J2JmhB1C_6EctbZBYPiw==
publishertag.js
static.criteo.net/js/ld/ Frame 27FA 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 20:05:41 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 27FA 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
U1v8K6hSA4AKRsMTWm.5Bb28WJ6oCi4G
date
Thu, 27 Apr 2023 20:04:56 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
59
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
TdaQIHC7X-C6F1tLqPbTSuPAfSZXpcQH6lqHr4p-dOQI-9t3mYdWKQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 27FA 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
5mkNLru4kDHGgulI4S7tLQMEBRAn7gcJ
date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
iIpQhwW-hiz0CByaqLIcnTlYIgVxWOXbfn9HQPm4FA_HNpPtmp9vUw==
appierV2.js
cdn.holmesmind.com/js/ Frame 27FA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
PwsUi2RF84KIa5D8Jtw7UEGdNHZLdyUg
date
Thu, 27 Apr 2023 20:05:22 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
19
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
MViugS2dHsscqsSiJv9Oyp5EslERba2WfgV96msoUwj7mIPsGexpFw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 27FA 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nxoHD1ZwbJbYkPDTFzjaXDlZQ1wm4L2y
date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
_FbKLRz7JioAh50WZO-0pto4wZX39JHNjbXtRt0ONMQsWGXM_v31nw==
ads.js
ad.holmesmind.com/adserver/ Frame 9C2E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=720&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8b70d44dc11ccbbd54f07f0a68caee621c5c590ec42a1181953437cac69725a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 9C2E 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nxoHD1ZwbJbYkPDTFzjaXDlZQ1wm4L2y
date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
-LN-eJ1RiZ5MYsMkGGeKDsuo4FFUzdLAI_bE_RyZ-MvT8q3oE2mhhA==
ads.js
ad.holmesmind.com/adserver/ Frame 69E9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=962&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6a62c9045ea2f270b225f212f1efd01ac8ca8da43891658c29afebd901b4fd8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 69E9 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nBWwdHcz25sluEl1QUCXz6TiME332iNl
date
Thu, 27 Apr 2023 20:05:07 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:46:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
35
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
TqJeOPOUqe2H6tv8TspDjo5PHUlf41zzxTnWS_2QOiHeMyU8sgN-DQ==
publishertag.js
static.criteo.net/js/ld/ Frame 69E9 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 20:05:41 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 69E9 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
U1v8K6hSA4AKRsMTWm.5Bb28WJ6oCi4G
date
Thu, 27 Apr 2023 20:04:56 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
59
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
JTvcDQ540urLLssmR7CCSBRc2CAaSbXcdUhm12bqYdhTZMTfCrVHEg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 69E9 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
5mkNLru4kDHGgulI4S7tLQMEBRAn7gcJ
date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
T0sIAC7E_wJWlBBOGRFTJTpC-jYENGMJpXbeGUP_CtWogVNzPyaoxQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 69E9 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
PwsUi2RF84KIa5D8Jtw7UEGdNHZLdyUg
date
Thu, 27 Apr 2023 20:05:22 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
19
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
uoF_M2Di_YrtTL1212Cix6NET2sf6gOtCl9CQMpzZ5BHwi4R425p_Q==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 69E9 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nxoHD1ZwbJbYkPDTFzjaXDlZQ1wm4L2y
date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
BIwnObC65RfkUwm0L_F_E0y9Ep5fpaKarMY562PyVrfM0e_9vrDjgA==
ads.js
ad.holmesmind.com/adserver/ Frame 0AF1 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=600&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c29d5e8e8d0ade78a86cd7350fc5de93d8d3908f9aa2c7e56f8b92ac47e6b715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 0AF1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nBWwdHcz25sluEl1QUCXz6TiME332iNl
date
Thu, 27 Apr 2023 20:05:07 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:46:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
35
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
6Ye9yEgcU2F12Sa6lGy88V_azh2irBpnpc4J8AaTHSUdYzxeIJ9f4Q==
appierV2.js
cdn.holmesmind.com/js/ Frame 0AF1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
PwsUi2RF84KIa5D8Jtw7UEGdNHZLdyUg
date
Thu, 27 Apr 2023 20:05:22 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
19
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
keOy4MZIrdCUfyrvTwDVI423_f8qytKX63eX37MBZK858hQpQ-QEKw==
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=749865984698175&correlator=323185502615703&eid=44790325&output=ldjh&gdfp_req=1&vrg=202304240101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=1&adks=3261691140&sfv=1-0-40&cust_params=url%3D%252FKMYo2q%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1682625941130&lmt=1682625941&dlt=1682625940225&idt=852&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Freurl.cc%2FKMYo2q&frm=20&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=382969064.1682625941&ga_sid=1682625941&ga_hid=311818070&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb42e80acfb08ce46a73c5398c4da4215e3bc2f2aeb1f4e0f6547ee8860f37c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9909
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ac16f60e9de577bcec5657a5f1dd0157.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3401 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ac16f60e9de577bcec5657a5f1dd0157.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:41 GMT
expires
Fri, 26 Apr 2024 20:05:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 27FA 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 27FA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=J7Zm3UDsAIqY08ZZltVKZA
2 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=J7Zm3UDsAIqY08ZZltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=J7Zm3UDsAIqY08ZZltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 27FA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=f6tYcnlwAqCc97xJltVKZA
2 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=f6tYcnlwAqCc97xJltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=f6tYcnlwAqCc97xJltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
utag.js
t.ssp.hinet.net/ Frame 27FA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 27 Apr 2023 20:15:41 GMT
currency.json
img.scupio.com/js/config/ Frame 5EF6 		108 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
372be0f9a447232d8a9afb84ae5f1550bd4cd94a7ef8eaf5f7335db89050002d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
141
x-cache
Hit from cloudfront
content-length
108
last-modified
Thu, 27 Apr 2023 19:15:04 GMT
server
nginx/1.15.2
etag
"644ac9b8-6c"
vary
Accept-Encoding, Origin
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
_txOccKwsevKTkuOjMrMb7diWdb0a0HPkZM1BkDDvbrfV3YvT1mgdg==
expires
Thu, 27 Apr 2023 23:03:20 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame B368 		573 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/K_oXAr0AjlB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/K_oXAr0AjlB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
z7FFvpzA3R0xw6lMUXfDU9wQd1cm7Kvqk3Ne8gBNSK9iyBzR1GnlsKIf4OAkGJuxYfF9mE9v5rcET2hUG7LX1A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 26 Apr 2024 03:00:04 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame B368 		94 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19474.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007390460&__s=%3A%3Atqo6f3&__hsi=7226823385762599161&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__csr=&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/W6KJdIJLkRh.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
897e9eed81dde63c95ab6318d779c45e19bd9069b0eb6fbf8b29b8d23867e94b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
mHGOnxg6PmWl7QF_3CvHmt
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
198387
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 27 Apr 2023 20:05:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
43jLVX6GEeEcQ4fMEgJwj5+SpACalDTc+hEwRwBMrM5rBb1hMG3OeS88U84HbCDij3+3qJdknxjotM2UlI8VRQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame B368 		907 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/W6KJdIJLkRh.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee6def896dc828978474aab389e600ab34a18cac6c83e6f71429217f9390884a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
mHGOnxg6PmWl7QF_3CvHmt
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
198387
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 27 Apr 2023 20:05:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
HswgGnSYE+2lXnA0hzxmiTsd3tNtkVjnSONs5AhOJFuDSgGjp0Bt4l2HeFLFVQri6IyVTfnhoZ62t52bUmXnug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame B368 		907 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/W6KJdIJLkRh.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4badeb12c7400ff525054ea31808928ed9dec45b47489ca6a107e5e8a969da64
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
mHGOnxg6PmWl7QF_3CvHmt
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
198387
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 27 Apr 2023 20:05:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
oN5maNR2eWZFxw1/Gw5O3gtHjlVa4jA4ykuVFCYBAK0ZmRP3KDldw8ULgicyX8QBfVjSOk+7EsvoC2PfDahUEg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
utag.js
t.ssp.hinet.net/ Frame 9C2E 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 27 Apr 2023 20:15:41 GMT
utag.js
t.ssp.hinet.net/ Frame 69E9 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 27 Apr 2023 20:15:41 GMT
currency.json
img.scupio.com/js/config/ Frame CD85 		108 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
372be0f9a447232d8a9afb84ae5f1550bd4cd94a7ef8eaf5f7335db89050002d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
141
x-cache
Hit from cloudfront
content-length
108
last-modified
Thu, 27 Apr 2023 19:15:04 GMT
server
nginx/1.15.2
etag
"644ac9b8-6c"
vary
Accept-Encoding, Origin
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
DftVL6o8H-KLzUL0ZEXnGNHRzxdMGO4_hm1pRlXMbS9muVBg4Qnqjg==
expires
Thu, 27 Apr 2023 23:03:20 GMT
cdb
bidder.criteo.com/ Frame 5EF6 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=24745916454
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid.json
ad.holmesmind.com/adserver/ Frame 5EF6 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1682625941252&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 5EF6 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
header
hb.aralego.com/ Frame 5EF6 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=8fa72209-5bba-4d57-9fbb-63cec2f9b9b1&u=https%3A%2F%2Freurl.cc%2FKMYo2q&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=6bd05cd7-b99c-47ed-9121-0ad1f64646c4&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
connection
close
prebid.aspx
prebid.scupio.com/recweb/ Frame 5EF6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.04485472907754362
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
70768ff6639a0398a635a401ab0fe34dd76dff4f39c6311acb3a28bc44632768

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
server
Kestrel
utag.js
t.ssp.hinet.net/ Frame 0AF1 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 27 Apr 2023 20:15:41 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame CD85 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame CD85 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=29731210201
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
prebid.json
ad.holmesmind.com/adserver/ Frame CD85 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1682625941299&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
header
hb.aralego.com/ Frame CD85 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=8fa72209-5bba-4d57-9fbb-63cec2f9b9b1&u=https%3A%2F%2Freurl.cc%2FKMYo2q&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=eb3ce89a-bdbf-4a68-8cbc-087a8a51091a&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:40 GMT
access-control-allow-credentials
true
connection
close
prebid.aspx
prebid.scupio.com/recweb/ Frame CD85 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9832373548771494
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
b1fe95090695af280903624fede6db1a0cbd02614b51a6ca4111318559626d86

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
server
Kestrel
Zj4GuFghQl4.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame B368 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dBSAisRg2e2k/EbKxbTt7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3450
x-fb-rlafr
0
x-fb-debug
/k4Qey863Q3zuIEo+X0K2/jKq4uSKAMC8QmRESrYGIVIDXSNn9I69uddqFMRJ/eQGrq/eDElDu2SmY+Pz3NCAA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 17:47:32 GMT
_MYDVJNGY2q.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame B368 		335 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/_MYDVJNGY2q.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d9eedc0f28647bf10e3ad3836102a262527b28dbd9be6cd01f783d7c56733ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/cHwJhTtsAIX/6YLWLRLMg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74078
x-fb-rlafr
0
x-fb-debug
ocm/q/5DLSYwAh2xGBUZAZqgiJwyJzyAFStCRsEfTWSxvqaOS/4prRDPsrnLwSjKaTQvBTM90gIVtqPGgBUfqQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:32:04 GMT
BqEjD1dj1pL.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame B368 		840 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uknKQ5sJ+8vBWLiIBWWBIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
356
x-fb-rlafr
0
x-fb-debug
0lxE7xQoj5XRUUYeGj+rAjvOvPfbY6DHKnkl3EoMlcDsc7/KtEZ88iLMrsDjsnE+N1gZ+LFt82Xh4Cg7gEAllA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 05:47:04 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame B368 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
x-fb-rlafr
0
x-fb-debug
O51AkFC4gDBVAKMPkWosjX3ZYuMk87BusVTPc14kWTOHK7NSPfx5TtYdpzHCfiYdVTSW1sIdBk5qWCkfINm0lw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 23 Apr 2024 18:49:29 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame B368 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/K_oXAr0AjlB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/K_oXAr0AjlB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
x-fb-rlafr
0
x-fb-debug
3ZczOXxnQt7cveg3ecgqAucHwALkOkDdIvAc+DUxIZcIvNBAbdG9L1QTLZXkM4LBdKg7HJ/r2DGQhyTkOAeffA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 26 Apr 2024 03:02:07 GMT
prebid.aspx
prebid.scupio.com/recweb/ Frame 27FA 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9826232812689009
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
865bf5abe9e525943e525628d3b140bddb896d832d9a799d6a9226b35cf2a15e

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
server
Kestrel
prebid.aspx
prebid.scupio.com/recweb/ Frame 69E9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.647152245737999
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
6b9d1a803c05b8f9f3275c432ce4b1bc7fdb33c75c2e4ae9f7296210fbfbf89b

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
server
Kestrel
prebid.aspx
prebid.scupio.com/recweb/ Frame 69E9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.46942498912298114
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
9fdb2240fd383c751150db0f6a75fdbb3fdb00a0fc6e7dd4b101be7d7e930a00

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
server
Kestrel
bid
ad2.apx.appier.net/v1/prebid/ Frame 27FA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=o2hmtOKsDri1faOVltVKZA
2 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=o2hmtOKsDri1faOVltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=o2hmtOKsDri1faOVltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 9C2E
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ek_mMZNtAsGm-IrYltVKZA
2 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=ek_mMZNtAsGm-IrYltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=ek_mMZNtAsGm-IrYltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 69E9
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
2 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 69E9 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 27FA 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=43755026859
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
cdb
bidder.criteo.com/ Frame 69E9 		2 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=78912212237
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Apr 2023 20:05:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
cdb
bidder.criteo.com/ Frame 69E9 		2 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=66322775048
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
bid
ad2.apx.appier.net/v1/prebid/ Frame 69E9
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=v90sZwiOCECq-fYTltVKZA
2 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=v90sZwiOCECq-fYTltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=v90sZwiOCECq-fYTltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 69E9
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=cOI5rGroDVeVUi_hltVKZA
2 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=cOI5rGroDVeVUi_hltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=cOI5rGroDVeVUi_hltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 69E9
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xBbtMsVkCe6ifkiOltVKZA
2 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=xBbtMsVkCe6ifkiOltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=xBbtMsVkCe6ifkiOltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0AF1 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:41 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
view
securepubads.g.doubleclick.net/pcs/ Frame A041 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtOD2viitQzcY3wwW4HPgnuEQFFoVgkrRJIaL3bPsOAW7AAk-TPAPvcq5lehVKcL5Pe8AtXV55XcOfSqcUdMMRbn-OCdjqDF5R0l_ch7JR817QNmhVl2_6uXMAkFrtBZwOIT9GO1s4-1yyP3OhbFAKsEckBkoA6T1h4blgmrePrglSSdms4fPHk99x5Iu1hbokOw5K1eq-DSUSq3gN_tGv4uJtDao-DG4K1u8-169A6PUvgr58g8UOGgzg8ixteZNAVxDZTdIkuwWRuj9mcohw0OWKGOuRroPDha763oMQz23X5Z47xw6MaTahm_0ZURxlMfF8aV5tnTfLYZmH81vOXU4&sai=AMfl-YROvKk1E3BLtspQNC8aFH6kHtX3TL5xP7yZj6uiPvE75UT-uJG9wbtp75oIPBP8N3r6dulIDd5kExhDfAuEWlIUMnDfsczsXlCPXbJlMWaPmUCaIHF4Qx92Xk2MrRaqbjc6Qq6Y6xmUfAVW3wpP&sig=Cg0ArKJSzGyKjYsR5qQ5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Apr 2023 20:05:41 GMT
7942.js
cnt.trvdp.com/js/1250/ Frame A041 		535 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.199.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-199-93.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 06:34:50 GMT
via
1.1 85b5bfb24f4c72592f8afc86bd85bd86.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P2
age
653453
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
0tkRsCCeb3K3ijv-f2I8ynAQloRREhgSoVoeeR1ZW-MPfmseYJWbhA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A041 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:05:41 GMT
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame B368 		198 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
x-content-type-options
nosniff
content-md5
gixzAcHA/hBBjzjO9Ez8tQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
198
x-fb-rlafr
0
x-fb-debug
Q1kwFzj2mPqbQbVB298p1Lvz408ALJsiFqiwI7BbJyqpP+toqf0pagbxvHGlZhCmEfJ76ifmLX07jdydKVX+DA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 25 Apr 2024 05:10:28 GMT
/
www.facebook.com/login/ Frame B368 		0
0
/
www.facebook.com/login/ Frame B368 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Apr 2023 20:05:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
rzh8Fe7w1F2Y6U94O0ywW9tMcrthTMaXviCThmiL+mAPJ7J8Tfv04LnWEsfEH0+3BOQ/sP13erLnXHWX+/TX8g==
x-frame-options
DENY
x-xss-protection
0
events
bidder.criteo.com/csm/ Frame 27FA 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame 27FA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 21 Apr 2024 20:05:41 GMT
pixel.gif
static.criteo.net/images/ Frame 27FA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 21 Apr 2024 20:05:41 GMT
events
bidder.criteo.com/csm/ Frame 69E9 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 69E9 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
truncated
/ Frame B368 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
WjYd8lGD6w4.css
static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/ Frame B368 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/WjYd8lGD6w4.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
37fac3fc1a24f4cf2d427f077d4886dae933b2edb961638b4fbae103acbd8bbf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L6uYVp6IW3TroeHqsKGg7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3788
x-fb-rlafr
0
x-fb-debug
RvLRNLyw7UC0bNv2ohs7p9DIWp6VVi5YmYcceo0eXR0roDYrbKbYn+5B7i0ZvuK2dwBpenRH9qEY52mUXWDjwQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Thu, 25 Apr 2024 17:10:46 GMT
TX1Q2Opl48R.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame B368 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/TX1Q2Opl48R.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ca0ffc56dc082d236e39b5210863e88d7d22cdeaf8284a766a55b6d4a3f0edf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6UtnYvA7mAA75Uijg4VVsQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16135
x-fb-rlafr
0
x-fb-debug
lIoGtXvmFWUQ7ZOkECf4mBXr+x9P2yK8YCT3dXZG1+2FvpsjDRs8xX62BgFOIJWFGQL3qU/i1+JyVjIz+nBKOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 13 Apr 2024 22:15:59 GMT
4Mu2lW6i1B1.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame B368 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e64da46ace72a8f3464880f0ee884675137c404432ee3685a467d675b3cf18bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0PeKM3DhxvGziuqrCXLZUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2736
x-fb-rlafr
0
x-fb-debug
D/qZn0f5YAMIDUuvoPP0ezIyJvO8UBPWH8qXIuQvbCCCebamLnSbd2oUks2CcWylSiMd785OkYUnLRKz5w/hvw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 26 Apr 2024 17:18:40 GMT
V8jK12UmQ6C.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame B368 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G94KxmId/Gs6bmpfm04/RQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1248
x-fb-rlafr
0
x-fb-debug
ndphaVabu/2VcEubkDLbR5WLBeG2sxZNEACUqAVpHLUTsBOcWKXR3U0O/0gXCu6TV4FSio7OZe7+58f6g/BTOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 25 Apr 2024 20:15:35 GMT
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame B368 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
x-fb-rlafr
0
x-fb-debug
eTWjNB51DkFTaOS9cCUCPNFK+pK8/2PFCbpOKc6U8W7kN4DyJcoE9KG5n9mlCNe9d/qw2tLffkrpMgjeuLucgw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 20 Apr 2024 01:41:30 GMT
bz
www.facebook.com/ajax/ Frame B368 		0
0
bz
www.facebook.com/ajax/ Frame B368 		0
0
drawV2.js
cdn.holmesmind.com/js/ Frame 27FA 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=20&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BB34JyGYCOIl08R8YEm4EJ7J3nvh3gcN
date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
2
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
OVFzDzvV6EGMWzfu9DTzF4zH6VyUl0ZNpeS5Jhfo3XmdXTdKczXskA==
drawV2.js
cdn.holmesmind.com/js/ Frame 69E9 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=962&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BB34JyGYCOIl08R8YEm4EJ7J3nvh3gcN
date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
2
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
Apc6hyxX9OEoHv5_2MfYkfKUgsChiyBiRGiLeeumrVU7ZIgeaX2G-A==
7942.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.218.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-218-111.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 06:34:50 GMT
via
1.1 af09e2fad70f0089517e8c3ed33c1334.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P2
age
653453
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
e9cfcm8d7jLMhDzDWhx-60Vh36_t-uwVQTCjvuBinxTrkrzSwWEyWA==
truncated
/ Frame A041 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16287ad0c36897757c5f02f60fa996492fe1f416df0feea3a5ce9a6acc102b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A041 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5ig4bNCEYDdtxEFp_H5q5xN1Ersj_ETch2m4d3INpsQlqVZWkPe540w8oT1MlHCdSPUmFeFt_zz6E-Drfc6g9wVgQ7lhrv03toTX4OOWLOKKCgaLkpkiHcwHQ_UrZvCNI3nE_NrIEOS4lPZ2nzA1OzPGO-BdttdGOuGM5nm0eWreOHwEA3f23DZKN10KpIFC3KmKP43G5pUt81O-dC4fbac3AdpdN3v0k4O20faVpnNF7uO2D5yR15CGjO4Z1868k7Q00wLoZIOV7XiN1RourRb67_juOqsjfr8WQBUXWpxUlOLjLgu4jT2Z8zzH_1lvKD3CK7dYgvfg31jIFIm-UdF-mqw&sai=AMfl-YS2jWJQBsf3OPrysfsGjbSTWedOy3roQCHlmcp9bos-U1LHnpUXnnhN9nORhySR6k01CJio5Kb9qFElabC1fyAxgzxVjaL24uFMIKdYF2aP2HeXqeyTA8cuhNXFzMnXznJANtctOBUTvLR2tUi3&sig=Cg0ArKJSzEp5YwdzKSmYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Apr 2023 20:05:42 GMT
/
t.ssp.hinet.net/ 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
c8c6ed661cacbea403ead527bc49607dae2686036f13d443802422183c674675
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 69E9 		37 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a299de5ae63f860f950ba44ab55437413a7f84ab2ba0bc2e87d294ed5fb641e9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 74FA 		37 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
5492874e3c4e10a7641831b82f14982d639815b4f2d7cd55c7e641e63b10269f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 9C2E 		37 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
504d9582b3198c76614ed775fbab6b93d90c07b2b5b7318a4d62e05e967bfb7e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame 9C2E 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=720&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BB34JyGYCOIl08R8YEm4EJ7J3nvh3gcN
date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
XlUYonWyvAFFY8O7HwZFXXSAhMdSfmhTahU3aziIVcYaB35YwnVB-g==
drawV2.js
cdn.holmesmind.com/js/ Frame 0AF1 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=600&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BB34JyGYCOIl08R8YEm4EJ7J3nvh3gcN
date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
iX_tjJAq7nbeEUf7zIlKdMgBDYsCDxWAJETuFgjIsU1Kr2hKLmO9ew==
rec.js
img.scupio.com/js/ Frame 6DDA
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Tue, 27 Dec 2022 03:54:11 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
184
etag
W/"63aa6c63-54dc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
bmzDzfDSP7T6nZFTbA2_I-5WCSTJpyFaPD7re65kKPIuoHRA_4IB4g==
expires
Thu, 27 Apr 2023 23:02:39 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Thu, 27 Apr 2023 20:05:43 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame CD85 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.5052074423940642
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-97.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
136194f977cdbf1f48f401ba2ab337033300228a63cb83525be53561a54a5be7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 27 Apr 2023 20:05:43 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1625
truncated
/ Frame CD85 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
1.js
cdn.holmesmind.com/js/tmp2/ Frame 27FA 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/tmp2/1.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16be4732369bed69d2ddb41d61adf1936cf47cd5f24b986b9769af99ad5bbe83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
v1r26REzkAWfBIPNaKa7Q0lBgjih2lUh
date
Thu, 27 Apr 2023 20:04:56 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:46:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
48
x-amz-server-side-encryption
AES256
etag
"6a678a06d6d5e5cce801fa3da3d54280"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17516
x-amz-cf-id
YVuKk0xi581Us-h0qijhzIWVWs7M3cGPgpM62gx1DJnG_500fQyDKw==
cf.png
cdn.holmesmind.com/ Frame 27FA 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/cf.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 07:47:55 GMT
x-amz-version-id
null
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Mon, 11 Jul 2016 08:32:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
44268
etag
"a77740eea95ba2ef6436403310c6f59a"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1512
x-amz-cf-id
Y1O_FpujAzqFT5Bp_R1Pjm-2rLl25_guooxW4DAiTsgoN1BOlo-q3w==
ade-tracker.js
cdn.holmesmind.com/js/modle/ade/ Frame 27FA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
UIJCqhGHq5YhV3Yn1CvQgErZbjClSAqQ
date
Thu, 27 Apr 2023 20:05:24 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:47:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
19
x-amz-server-side-encryption
AES256
etag
"cc88de770769cdecaa524a5801120c78"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1646
x-amz-cf-id
1GFtdh0MKS1RHdOGE-uvZw_ria-RS4G9sz65qJuU1i0CZ_eEzU9hIg==
9206fa9ddfb840c7eaa6790f2f0c02d0.jpg
cdn.holmesmind.com/image/16902/ Frame 27FA 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/16902/9206fa9ddfb840c7eaa6790f2f0c02d0.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3693924581f2f8a26851580d27591a29aed6cfdca893c60eb9ae26680c90527

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 08:00:39 GMT
x-amz-version-id
c_Zi4t3qJgm8e161yWlIh9UNEHRRMXUv
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Fri, 14 Apr 2023 06:38:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
43504
etag
"d52a2113221591670d2a77fae72ca609"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
78246
x-amz-cf-id
HErbksWl3uNW7yW33SNtcNuU462Y446W6OhcBSqLDqWYJ-2gtUamaQ==
i
ad.holmesmind.com/adserver/ Frame 27FA 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1682625941&p=14210:74691:155392:94adf72e27533325f7022e42e2c35cd5:16902
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx/1.14.0 (Ubuntu)
/
t.ssp.hinet.net/ Frame 27FA 		37 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
5c70e89e45d0bde12767049cd6220de98e3d908aea7d2c0d9d218ea9e9cd566e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 0AF1 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
bff1d1b76f5ae485f0a28df155f55673f424e09164b12084a6747f23d7f82c5b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 74FA 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=99a22270-4f22-402f-98a5-65817b51deb2
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
rec.js
img.scupio.com/js/ Frame 4788
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Tue, 27 Dec 2022 03:54:11 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
184
etag
W/"63aa6c63-54dc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
u-bOjmKrMxIMZTjfCmlj5xVDiXz3eKcfuLswKCG5IaXzrTXmzBhD7g==
expires
Thu, 27 Apr 2023 23:02:39 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Thu, 27 Apr 2023 20:05:43 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 5EF6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7450606163503639
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-97.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
101d9e810c6ee53fddfdeb25b6d9b240adfea4dbc367b116e72b29246b2b007b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 27 Apr 2023 20:05:42 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1480
truncated
/ Frame 5EF6 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F360 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
056b1f67d7d178e1695f0aa37d1958e76d5bee7883512141deae9172cc355677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24694
x-xss-protection
0
server
cafe
etag
535 / 19474 / 31074189 / config-hash: 18361539349155083424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:05:42 GMT
cm
t.ssp.hinet.net/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b.t.ssp.hinet.net/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b.t.ssp.hinet.net/pixel?bd=d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/ Frame F360 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6570b1c2cbf3c298c9196fe9dfb39125e29e70ef7ab53d23d8d156ff8c2b8e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1752
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126189
x-xss-protection
0
server
cafe
etag
14317580509974688450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Apr 2024 19:36:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame F360 		544 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
expires
Thu, 27 Apr 2023 20:05:42 GMT
t
ad.holmesmind.com/adserver/ 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/t?p=14210:74691:155392:94adf72e27533325f7022e42e2c35cd5:16902&type=2
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=4672.8287011361&pid=5434&url=https%3A%2F%2Freurl.cc%2FKMYo2q
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-28.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
553ddbc91e8979f8819f421934cdc265d3fe15c6537d0960e0654dfd5966543e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
via
1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
G0UxQ4IDY9JR-tzQOkfUnMTYDrjuuIXK4Pfjz2jphxU7ygNeZ8lgbA==
integrator.js
adservice.google.de/adsid/ Frame F360 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F360 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F360 		43 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4093042164543076&correlator=2244509574053526&eid=31074172%2C31074189%2C44790325&output=ldjh&gdfp_req=1&vrg=202304260101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=129673690&sfv=1-0-40&sc=1&cookie=ID%3Dbedb220d1cf5cf93%3AT%3D1682625941%3AS%3DALNI_MZ-1icnlyyuPA4CMVYWHtQSxOrboA&gpic=UID%3D00000bf18def0a53%3AT%3D1682625941%3ART%3D1682625941%3AS%3DALNI_Mb7kxwalxp8NzmZstrLINa5tgaoRg&abxe=1&dt=1682625942762&lmt=1682625942&dlt=1682625942549&idt=189&adxs=315&adys=461&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=as3wh7y18rle&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Freurl.cc%2FKMYo2q&ref=https%3A%2F%2Freurl.cc%2FKMYo2q&top=https%3A%2F%2Freurl.cc%2FKMYo2q&frm=23&vis=1&psz=970x90&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=382969064.1682625941&ga_sid=1682625943&ga_hid=1531815673&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9a459d4bc882affa0c304c48f3c5f7f40ef14ec9e1807ccf986bf15721347a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10570
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F360 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
112f082e83a90134679472ed38d8f181ae0de5e06a9546667a5789e658dcdfa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11269
x-xss-protection
0
container.html
f318be8a124f0324b795a16ac8d60d3c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A69 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f318be8a124f0324b795a16ac8d60d3c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:42 GMT
expires
Fri, 26 Apr 2024 20:05:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3EC0 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ff89ff2af84556f833f14d3c4e4cf26fbb4d9959a37b13e3c15d2c2959ccf4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24751
x-xss-protection
0
server
cafe
etag
420 / 19474 / 31074156 / config-hash: 18361539349155083424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:05:42 GMT
init.js
cdn.holmesmind.com/js/ Frame C21E 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
7G6oOBMjdeWk3fCC2bapuP6Qk7hbJS6v
date
Thu, 27 Apr 2023 20:05:21 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
22
x-amz-server-side-encryption
AES256
etag
"6c37b2eb5706a6225b62a75a80493f4a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17750
x-amz-cf-id
mxBDh1fGJBed6GC8wOGrqAQUwjun2AbA81tIBTo2sydLVhNbd-O8yg==
create
referer-log.holmesmind.com/api/v1/kinesis/ Frame C21E 		51 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13857&domain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.27.77 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-27-77.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
capmapping.htm
cdn.holmesmind.com/js/ Frame F5A3 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
43
content-length
7381
content-type
text/html
date
Thu, 27 Apr 2023 20:05:42 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Thu, 27 Apr 2023 07:45:59 GMT
server
AmazonS3
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-id
W2904d3kULhhI4YA4jbul6VZJUSbl_BqwHuOddWgzLji5ceTUvKoCg==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
UUwcIfIJRUq9jl_3zZZ_gKIBA76frGur
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame C21E 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ofQLmtuFKXc4_qJ8vWwFRRweUsHZhpa4
date
Thu, 27 Apr 2023 20:04:54 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
56
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
XbueYf47709lhJ83DfIAgnAwvvIGHuC4TMjiBFbbrMgbicquM1YJwg==
presetfn.js
cdn.holmesmind.com/js/ Frame 3AAE 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
b6NLfBNbZuuhe0mNP1aWahjxel9mXWRo
date
Thu, 27 Apr 2023 20:05:06 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
37
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
c9ZYquMmv4uhrkYCf3rrNZPOpasyMGPKLzqzeMOV8W81PQTCX8GAcw==
fp
cm-dev-poc.holmesmind.com/ Frame 6290 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:05:42 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame C6DD 		95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:05:45 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame F5A3 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 27 Apr 2023 20:15:42 GMT
fp
cm-dev-poc.holmesmind.com/ Frame F5A3 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame F5A3 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame F5A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=897456-mxkQcoQ0rlAljemzeJml6LhTETpuZvsL&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=897456-mxkQcoQ0rlAljemzeJml6LhTETpuZvsL&uu_m=undefined&google_gid=CAESEPM9G3KeO3QPVFHdQlLgZHQ&google_cver=1
0
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=897456-mxkQcoQ0rlAljemzeJml6LhTETpuZvsL&uu_m=undefined&google_gid=CAESEPM9G3KeO3QPVFHdQlLgZHQ&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
x-guploader-uploadid
ADPycdvbu3bTqAY0gfxukN1nmZjMEi0bppiTiigHUcTW-T9mnQW_a6Wmf13PQ29dKteiy4oISElBsT6QrDNkiN5OLZhMqw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Thu, 27 Apr 2023 21:05:43 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=897456-mxkQcoQ0rlAljemzeJml6LhTETpuZvsL&uu_m=undefined&google_gid=CAESEPM9G3KeO3QPVFHdQlLgZHQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 3AAE 		1 KB
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ec00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8aa2fd2ba5f420936e45859aa1a7bdd856759604a02f91e1cc67ece7faa7de26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:58:16 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
446
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
x6cAGfz9llAeZir9tgCeXtXxAyakkca9vX_0gKGJFCUWek1A1G-aBw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ Frame 3EC0 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074156
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 14:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
19717
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Apr 2024 14:37:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 3EC0 		544 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
expires
Thu, 27 Apr 2023 20:05:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F360 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 20:05:42 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 3AAE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=624&o=1&fc=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&d=1&b=2&ts=1&ii=2&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b0286b0878fde57754caf5c939a752cbaf44f4286f6e3a39b0019a6e3f8b2c08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 3AAE 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nBWwdHcz25sluEl1QUCXz6TiME332iNl
date
Thu, 27 Apr 2023 20:05:07 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:46:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
36
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
5cNFkuUNHidaE5GaOSpxmjloN7XAT_NbsTBl1mVcPm-XnNwJB7aA8Q==
publishertag.js
static.criteo.net/js/ld/ Frame 3AAE 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 20:05:42 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 3AAE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
U1v8K6hSA4AKRsMTWm.5Bb28WJ6oCi4G
date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
60
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
IGm5H7yN6c2Dq9ZdvqRyJFdddat-96CTfAwjRoh0_APfQ13VkBJDmg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 3AAE 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
5mkNLru4kDHGgulI4S7tLQMEBRAn7gcJ
date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
1
x-amz-server-side-encryption
AES256
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
AKLR_lPBKnxBGNVmpAxy4OLlM_RCAj3mhS2Xc2nGc0ankZ1qalzkKg==
appierV2.js
cdn.holmesmind.com/js/ Frame 3AAE 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
PwsUi2RF84KIa5D8Jtw7UEGdNHZLdyUg
date
Thu, 27 Apr 2023 20:05:22 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
20
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
plc7SZEL5WI8EmBd_8pd2706CwsbPzfORFYimtH9JsWN61GQD8XurA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 3AAE 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nxoHD1ZwbJbYkPDTFzjaXDlZQ1wm4L2y
date
Thu, 27 Apr 2023 20:05:42 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
1
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
q4lB86Qpxi4ueQPmdkC5HvrJMKnfLw89EzJF1tr_sIKftg2MTce5Eg==
integrator.js
adservice.google.de/adsid/ Frame 3EC0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3EC0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3EC0 		77 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3515331543519058&correlator=1785922888303625&eid=31074156%2C44790325%2C21065725&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100%7C320x100%7C320x50&ifi=1&adks=2995874615&sfv=1-0-40&sc=1&cookie=ID%3Dbedb220d1cf5cf93%3AT%3D1682625941%3AS%3DALNI_MZ-1icnlyyuPA4CMVYWHtQSxOrboA&gpic=UID%3D00000bf18def0a53%3AT%3D1682625941%3ART%3D1682625941%3AS%3DALNI_Mb7kxwalxp8NzmZstrLINa5tgaoRg&abxe=1&dt=1682625942986&lmt=1682625942&dlt=1682625942776&idt=159&adxs=640&adys=364&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=fwvtusizkaz6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Freurl.cc%2FKMYo2q&ref=https%3A%2F%2Freurl.cc%2FKMYo2q&top=https%3A%2F%2Freurl.cc%2FKMYo2q&frm=23&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=382969064.1682625941&ga_sid=1682625943&ga_hid=1671861901&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bc473f82b442063229910d27a7c5a9fc996cfd87326d0481fb88f3b3f366e65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37607
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3EC0 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d54de0485d977787a80cb49dbeb78edfb7a50ee95b322bb4afa91e5a34ec5d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11152
x-xss-protection
0
container.html
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C64 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:43 GMT
expires
Fri, 26 Apr 2024 20:05:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
float.js
s.trvdp.com/scripts/v5.802/ 		466 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.802/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 01:17:13 GMT
content-encoding
gzip
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 13:09:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4646911
etag
W/"bc1129a1d65d16ce761ff5637cdc8f53"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
D-8MT7wW5vBdmKKx6-CrXgHo8BiwdRjvY00BjMcguOISsvQP_MBbPQ==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3AAE 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:43 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 3AAE
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:43 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 3AAE 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8502251803914636
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
d162b29583fee6b44f056b7d9bace4355606fd406549f5a23079432cd21974ee

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 27 Apr 2023 20:05:42 GMT
access-control-allow-credentials
true
server
Kestrel
bid
ad2.apx.appier.net/v1/prebid/ Frame 3AAE
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 27 Apr 2023 20:05:43 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=j5auO3l-Bq2sGAG1ltVKZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 5EF6 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 20:05:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6AB4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 18:08:34 GMT
expires
Fri, 26 Apr 2024 18:08:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0718 		783 B
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9adcc0f056b77e11c767128ee8203df876a2ae0fd42ecbb73ce5fdcb84dc6231
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0yApSoMXs2kAbpX6gWi2LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-0yApSoMXs2kAbpX6gWi2LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:43 GMT
expires
Thu, 27 Apr 2023 20:05:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cdb
bidder.criteo.com/ Frame 3AAE 		2 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=13018563657
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame CD85 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 20:05:43 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 6AB4 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 13:55:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
22201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 13:55:42 GMT
syncframe
gum.criteo.com/ Frame C4B1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:43 GMT
server
Kestrel
server-processing-duration-in-ticks
358647
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 5EF6 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 20:05:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3EC0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 20:05:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0718 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304260101&jk=4093042164543076&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
events
bidder.criteo.com/csm/ Frame 3AAE 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Apr 2023 20:05:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
syncframe
gum.criteo.com/ Frame D8D0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:42 GMT
server
Kestrel
server-processing-duration-in-ticks
466009
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame CD85 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 20:05:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A041 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNgVIbfAK8pQVmcPpZ2uxM0GqcxtK-E9VJol2kbC-SuVKu9PoHKbYeizPFi48LCccZdvYr-a4k8sYVqqP9FaRg0Za6eoFuhVuApWZ6yBUSABKCQW4z&sig=Cg0ArKJSzLJsOczdbl85EAE&id=lidar2&mcvt=1001&p=1181,1599,1182,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682625941510&rpt=593&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.ssp.hinet.net/ Frame F5A3 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
47250dcf408154fbceeb1718ad679d42ee01e345734af8637d028f5f867bf997
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BF3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 18:08:34 GMT
expires
Fri, 26 Apr 2024 18:08:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 398F 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca5be5c023fe19e9901cfbca6c0e6822541486cc8d8ebdb045a3cb6335431bb8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hDOkRAmerF_UsCou3mXMvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-hDOkRAmerF_UsCou3mXMvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:43 GMT
expires
Thu, 27 Apr 2023 20:05:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
utag.js
t.ssp.hinet.net/ Frame 3AAE 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 27 Apr 2023 20:15:43 GMT
cors
rt.ad-score.com/score/ 		52 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=DE&l4=desktop&l5=5.802&cb=0.3062769884178409
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:05:43 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
sodar
pagead2.googlesyndication.com/pagead/ Frame 398F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=3515331543519058&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 9BF3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 13:55:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
22201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 13:55:42 GMT
generate_204
tpc.googlesyndication.com/ Frame 6AB4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AdGHuw
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame 3AAE 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FKMYo2q&n=624&o=1&fc=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&d=1&b=2&ts=1&ii=2&FPCK=7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3&fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BB34JyGYCOIl08R8YEm4EJ7J3nvh3gcN
date
Thu, 27 Apr 2023 20:05:41 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
4
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
LfZLC98toabg1kLm0EChKgF8bpaXsInk3h_silj86iuVN_DJa16N2w==
container.html
7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE89 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:43 GMT
expires
Fri, 26 Apr 2024 20:05:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
av
ad.holmesmind.com/adserver/ Frame 27FA 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=14210:74691:155392:94adf72e27533325f7022e42e2c35cd5:16902&type=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
t.ssp.hinet.net/ Frame 3AAE 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
47250dcf408154fbceeb1718ad679d42ee01e345734af8637d028f5f867bf997
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame C4B1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=54wN9nxsZWN0L2VxZmRFd0M1UDhVUWp3blVlV0M5N2lqN1hKeEFGbUFBNUZOSnRTRUUzMW0rSEVCUWdiUXhmc0loWFc3cEg3TnFjb3VIdmEwOEZmSWRpRUZkaUc5eXRhU2l2NkxXVldOY1k5dWY1dGEwRXhpOE5MZXVBN2...
423 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=54wN9nxsZWN0L2VxZmRFd0M1UDhVUWp3blVlV0M5N2lqN1hKeEFGbUFBNUZOSnRTRUUzMW0rSEVCUWdiUXhmc0loWFc3cEg3TnFjb3VIdmEwOEZmSWRpRUZkaUc5eXRhU2l2NkxXVldOY1k5dWY1dGEwRXhpOE5MZXVBN2pIYXZaN2FsRGE3VUpQcVRjbTB3bUtpdS8vRkt4QWtMb0dDVklDblFsZ3JyUkdPcTdoaWhEVE52NmF0djJPKzIreVhiaFM2aFhBb1hMNDlleUw3SE9oeGtaOVVEcEM2c1FBSGtZKzMrcGo3L01FT3pwZGJVMVdQemZ4NVZRWWZBRS84elhSWmFQRjNPbWhwVFlEeFlKVEdBdzJkMFM2bVVRUE9sdElsQ0piWmJKZGd3c2VxVT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3e09a60a81032d9e86aaff6ea702515fdad0fac4f6783f0d7952eb08f48ac827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1412999
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=54wN9nxsZWN0L2VxZmRFd0M1UDhVUWp3blVlV0M5N2lqN1hKeEFGbUFBNUZOSnRTRUUzMW0rSEVCUWdiUXhmc0loWFc3cEg3TnFjb3VIdmEwOEZmSWRpRUZkaUc5eXRhU2l2NkxXVldOY1k5dWY1dGEwRXhpOE5MZXVBN2pIYXZaN2FsRGE3VUpQcVRjbTB3bUtpdS8vRkt4QWtMb0dDVklDblFsZ3JyUkdPcTdoaWhEVE52NmF0djJPKzIreVhiaFM2aFhBb1hMNDlleUw3SE9oeGtaOVVEcEM2c1FBSGtZKzMrcGo3L01FT3pwZGJVMVdQemZ4NVZRWWZBRS84elhSWmFQRjNPbWhwVFlEeFlKVEdBdzJkMFM2bVVRUE9sdElsQ0piWmJKZGd3c2VxVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
358955
content-length
0
expires
0
sid
mug.criteo.com/ Frame D8D0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Oi_qM3xBdzdqYThhOGh2MHBzMmE1WW9yc3l5ZFdwS1NBTmdFVno0Zlgrd2ZHNy9uSllwcWF0M1VlVzVRK2ZPa0dFaWNmTmdjaklHcUhER2c2aWxwT1Q2cXdWWGw4Y0pOdnlnNENRZzdFVmhyVXB3ZitrSFd0cVArT0dEcS...
439 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Oi_qM3xBdzdqYThhOGh2MHBzMmE1WW9yc3l5ZFdwS1NBTmdFVno0Zlgrd2ZHNy9uSllwcWF0M1VlVzVRK2ZPa0dFaWNmTmdjaklHcUhER2c2aWxwT1Q2cXdWWGw4Y0pOdnlnNENRZzdFVmhyVXB3ZitrSFd0cVArT0dEcS9RRm9KWXkrNU1kME9Pd0ptUUd0TE5Nd2tpVFFyamdweDc3MHQrVkFkZC83ZHhCK1p4L1BkUi95emVGUFo5ejV6ZDUvR1k5a1lOdU5iL1VtVkxvaUZFQlJvL2dFcUFWTnFPKzBVMkxOeWp6cFVKdnZqZERFdlcwWUZFTE4wNXhDT1VTSi9LNGRrV3huMFVLTTVvRzMyV00zUXI0ektyc3pUcm1hR1czWGNvajE2cXBEUFJjdz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
730e74a4858af4d7e640c546da3c0a3e667ba4678bad42fc7b46b2b5bc41a767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1856250
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Oi_qM3xBdzdqYThhOGh2MHBzMmE1WW9yc3l5ZFdwS1NBTmdFVno0Zlgrd2ZHNy9uSllwcWF0M1VlVzVRK2ZPa0dFaWNmTmdjaklHcUhER2c2aWxwT1Q2cXdWWGw4Y0pOdnlnNENRZzdFVmhyVXB3ZitrSFd0cVArT0dEcS9RRm9KWXkrNU1kME9Pd0ptUUd0TE5Nd2tpVFFyamdweDc3MHQrVkFkZC83ZHhCK1p4L1BkUi95emVGUFo5ejV6ZDUvR1k5a1lOdU5iL1VtVkxvaUZFQlJvL2dFcUFWTnFPKzBVMkxOeWp6cFVKdnZqZERFdlcwWUZFTE4wNXhDT1VTSi9LNGRrV3huMFVLTTVvRzMyV00zUXI0ektyc3pUcm1hR1czWGNvajE2cXBEUFJjdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
307697
content-length
0
expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304132133000/ Frame BC71 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
269602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61827
x-xss-protection
0
server
sffe
etag
"1754d270d28e2ea6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame BC71 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
269602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame BC71 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
269602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame BC71 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
269602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame BC71 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
269602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
truncated
/ Frame BC71 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80afe9a864ccd78c996f929bda76c6c749c0f2b461051176875a40743a88ed00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
10310511586144348027
tpc.googlesyndication.com/simgad/ Frame BC71 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10310511586144348027?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkR50IE5n5AMb-jgLKObOF0JSxe2w
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e925bd92ade69939599fc8c57746eb8426f22692b10a3c1c955d5f14b483ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 04:57:05 GMT
x-content-type-options
nosniff
age
486518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9084
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 03:42:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 04:57:05 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BC71 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:12:10 GMT
x-content-type-options
nosniff
server
cafe
age
3213
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 28 Apr 2023 19:12:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BC71 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 22:24:04 GMT
x-content-type-options
nosniff
server
cafe
age
78099
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 27 Apr 2023 22:24:04 GMT
l
www.google.com/ads/measurement/ Frame BC71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLPy_vvU4MzL-KuRMF0Au-qE6DTjU3EdQr9rKp1J7FVZb6TiFGVmP-iE-F-zqqdxjs6li4bEr3YEqX7sr461EHjs5hKA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame BC71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_b9QltVKZO3PMcGIgAeX8IGoB5PAmc1vs6zIw50RrK6IpP44EAEg0syBGmCV6o6CnAegAaTdmosDyAEC4AIAqAMByAMIqgTpAU_QzGMGNBkDI7JC-tIuUHp6NXW6gd0AoavZb1YpE6jVvYBfxq-dspHVroJ9ELP1Ff-gnqA2rBawhVCBuKpsQLR8MDOSXlV6j_E9M3TZubkebJLtaFDpXPq22cHiCz2k0-gf8XS6IGMSC2tHv7qhuO7ecF7-8Z9lnj1h9JBRBgf-L1Ytf9HPDJ8Pqmqkle6Bjqg3x4yS8coAYUFAYg8KSdzsTwsT5WRKx03AHYCG-sxd6BF3vcAxTqkBWR2wUicZjnRAef3OdsO7LwVXJVPHQXV9Q74hykEoDgTNhjS15pwdy-9SF9vFsfg8wAT3t9zlmwTgBAGSBQQIBBgBkgUECAUYBKAGAoAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELOkHdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=-ngpqbiTWVY&uach_m=[UACH]&cid=CAQSPABygQiDDAYMxlQwjfWbRorAyhTQppyBMGc97sF8rX2QryhIpm-RAomke0X2oU7YhNWvg8BHP4uufvgb8RgB
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 282C 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNXAOT449mXRlbMmYRAvIalc-BlAj9hWXEB2Es7XAk1-a_iEP-_-raVCGF3B9Pbe0uexqEfiiheRmEphQaPwbn1p9Qyr2lNnIAW0mEjK4G7yV14MkQZi824BuPUBDuzhOgPZVNhH7nP4BBX93e2NFzmWIcltuHEQ_LUJiqvtUcWpe8cxwr0
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame BE89 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 01:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
67709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8790
x-xss-protection
0
server
cafe
etag
1446065643150489480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 01:17:14 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/ Frame BE89 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 01:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
67709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3047
x-xss-protection
0
server
cafe
etag
5552017188384030315
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 01:17:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BE89 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmz2_MOcLnFitTLD92V5FPR9GTMVl7rgxmCfQxvg-mojIuAp3f2CWxiw4t803HEAnx4T39wKqXu-aIfB-iCaHJySZktokhPc8h_vZRSaS0BpQzReNafKyavn5Jq0RZbVp1MiQSwxWgKTGUci5jD0PcZFHJ8uP_cOhtB2Uz75I7lcPOdB_KAkZJDzw5pqOOMlIVinxS-OqL8JnOKA504YEcMgZmdJuL8J4WJbMI1aiLC_NFh6tbsiGzHT92IDJBPQutgXw8oI8yx3a3la9NTiOHUeKn0KjYdRJGldDpgz3NmBX4XBXTnKrvNkt6GR7B5mm4ML0UZATavH5MHV1CZDKNMM8E1PoSBdN7cnl00cG-lkAkSb6_khYcqttzvLL9GCL3n0fyfveDA5kl3j_pTALl9RVZFP6rmxkYDRoYWwSeavl5tvBYfpfEaoFHnErxxIzbgqlNZK-YU8B3QBQEJiRuw6_qng7rtRNdJp0xH6MzyACehK5vWR0myeAMHTkfQlPQJnIRDNfeBRxxPVDtAjvvKezvQ-OuMmMAN8nn6dYsOk4gZB5MfpkUEtBsOU7ff2WW2oEeViLL71AbaGi8dMfLtoXpQX7L4Z_0I389dR36Kx3Rid0d0whOYKQVkfDToK_UmUzr8t2O1TRNUw_xfDJrmSokBCCnBQgJhYP63Tl4Jf1c42UfEESp89EY_ZZlm4SrTq7R38OzOXlY3EVP0VW57y9qX1ubWhzBnbQXGknKSX02ZOgqD188EIB2Hyny_nk6UkItB0jimLhlG2_1NV6IIHa3Ym-fA4oCR3LMDdaSMfqPrh0kr6tzndYFy0VLSj3GxrESbmELE7zlpOKUZ2XaSKoI9AqYwm-CR1AA2hUHf3U_gy7CeuGs4RvPgHTzKGTxEy9ZyEsWHVfVwYOTxSowopd9MnDfM_p0ll91axiHX3DEN5IP9_ZkeEJGjif5eXszEkAfBkHyQQZlQxfYFLsKfPDxG47jcdeIhoUVOLjT_gpfyHUrfVygWreXVMiYJxtzJ3z1j3ce8TyyUeLoqhOVhQqOJn89lZtLJCHTBbpaWRd53_VTriic7EMNkKNo5suvGVuNMRSLe_MMdq6T9VtDdfhzlCjZsinGjr9A_CrzlcPuo4RPuERb3hRhU41MxcHpYwjuotb5rxIiAhXBIPAhFGXrNVWhjdcYY_2b_vwu2BFCvu27&sai=AMfl-YRbcpVquIqGyXMy41X7VtBJqsEsen49lIPPjtIr3UWFlQaKJ-2vhH2MaNNpRtxUtTBsNrmcWjgMCojbWsTmtNLPDOeCfoZXNSIwoKB4UGdeNXx-lIljlczZtrwjZVkp_TQDJse1mMwilXkKadm5RRk0pXVPv3ZLWlbzyi4km39soRfvGyQgbDzp4s744Pg9f2ZomF5mkkfzaGkCDWzTCw3UkVol3YLqVDjMcnxrwY7Hoi-U_2h6RaIfOO7ts2JFaHklbRJxpyk9f9SP7D6VXGG7KsVjSaPZaLK5EDksL2dXRjwnwgTg5VDeETHthjYbq7yBlkKlul27UtRRdoqnVA5vGYoPPtGGHiuctBNbcatUlhxWPmjWPTBPDskssW9kMZ1J9UwuuxD2Xos&sig=Cg0ArKJSzJ8__aM5ua9eEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230424.49653&arae=0&ftch=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Apr 2023 20:05:43 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:05:43 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BE89 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE89 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2Vf5xrypz1O5DU1EBei1ZkAZ6lpZjAcB2kl0a6uekV8DwevJOyeMCppyTAIZvMSEACgAkdA3qhFEswzWxMm5a-1gGUIRa0Eounm5YTmaBOJZHdBk
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame BE89 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 18:07:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
7082
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 18:07:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame BE89 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:00:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
65091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7958
x-xss-protection
0
server
cafe
etag
6327879953816217519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 02:00:52 GMT
l
www.google.com/ads/measurement/ Frame BE89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTu1q6Z_xEzL_XrCjI3lDe9jCUTmwsBhv0o0x2_9kqhwBO_1kZfv30mEsloleJql-vHaimZdJJtbXqNJu0cFM_Mf5O70w
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE89 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:05:43 GMT
7102141292423558684
s0.2mdn.net/simgad/ Frame BE89 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7102141292423558684?sqp=uqWu0g0HCGQQwAJAZA&rs=AOga4qltVyEdFxRSXpgrA2EVnkee9Dpcgw
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1af8482107a39b623534fdda8cf6cf5f68987d4276a4798e5eb1af94a11d5c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:33:57 GMT
x-content-type-options
nosniff
age
437506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14959
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 14:15:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 18:33:57 GMT
ls.html
img.scupio.com/html/ Frame CA41 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1825
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 19:35:18 GMT
etag
W/"583295c9-4dc"
expires
Thu, 04 May 2023 19:35:18 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-id
MKo_smKw4aKGY7MZ-LxxA8xHBQjT6lMjBR-CuKAz69ePD2TbLGu1mA==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 3630
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hBMjAyMzA0MjgwNDA1NDMxNzk3NTQ%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
HTTP/1.1
Server
203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-96.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 27 Apr 2023 20:05:43 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CE04
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Apr 2023 20:05:43 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 27 Apr 2023 20:05:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 3630 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1682625943568&cd[SBST]=17&cd[PuID]=reurl&cd[labelsource]=sp&ud[external_id]=9927df5b6b4ce1eb50d5203e59186af3ba3398a62ca21aa390df5f9966e86c21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 27 Apr 2023 20:05:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
sync.aralego.com/idSync/ Frame 3630 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXA20230428040543179754
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
connection
close
content-length
35
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame 9BF3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?k20zNA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DE20 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 12:11:52 GMT
etag
48472445140208031
expires
Fri, 28 Apr 2023 12:11:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BE89 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6daa21548874dcf34e92f0cde004b016e9ee997735b101667434ebd9882eeee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0937 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
422672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cm
t.ssp.hinet.net/ Frame F5A3 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=897456-mxkQcoQ0rlAljemzeJml6LhTETpuZvsL&mp=a86f2cc3-9398-4dd6-a403-606448c34b0d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a86f2cc3-9398-4dd6-a403-606448c34b0d.t.ssp.hinet.net/ Frame F5A3 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a86f2cc3-9398-4dd6-a403-606448c34b0d.t.ssp.hinet.net/pixel?bd=a86f2cc3-9398-4dd6-a403-606448c34b0d&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
rum
dsum-sec.casalemedia.com/ Frame 282C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNXAOT449mXRlbMmYRAvIalc-BlAj9hWXEB2Es7XAk1-a_iEP-_-raVCGF3B9Pbe0uexqEfiiheRmEphQaPwbn1p9Qyr2lNnIAW0mEjK4G7yV14MkQZi824BuPUBDuzhOgPZVNhH7nP4BBX93e2NFzmWIcltuHEQ_LUJiqvtUcWpe8cxwr0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:05:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:05:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 282C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZErVl7fw2PGaVbErJnemewAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNXAOT449mXRlbMmYRAvIalc-BlAj9hWXEB2Es7XAk1-a_iEP-_-raVCGF3B9Pbe0uexqEfiiheRmEphQaPwbn1p9Qyr2lNnIAW0mEjK4G7yV14MkQZi824BuPUBDuzhOgPZVNhH7nP4BBX93e2NFzmWIcltuHEQ_LUJiqvtUcWpe8cxwr0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:05:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAeVKxLis4ztRuRGasJf1u8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 282C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJSVCSLNY-usLFqf5JUqc3s&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJSVCSLNY-usLFqf5JUqc3s%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJSVCSLNY-usLFqf5JUqc3s%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNXAOT449mXRlbMmYRAvIalc-BlAj9hWXEB2Es7XAk1-a_iEP-_-raVCGF3B9Pbe0uexqEfiiheRmEphQaPwbn1p9Qyr2lNnIAW0mEjK4G7yV14MkQZi824BuPUBDuzhOgPZVNhH7nP4BBX93e2NFzmWIcltuHEQ_LUJiqvtUcWpe8cxwr0
Protocol
HTTP/1.1
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:05:43 GMT
AN-X-Request-Uuid
27de93b9-09b1-4e38-8728-bb466e7f2e59
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.25; 217.114.218.25; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:05:43 GMT
AN-X-Request-Uuid
d2681b66-3341-452c-b413-e6e68028d8b7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJSVCSLNY-usLFqf5JUqc3s%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.25; 217.114.218.25; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 282C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkyNjI1MDUzMzc1Nzk3MDQ2OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkyNjI1MDUzMzc1Nzk3MDQ2OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNXAOT449mXRlbMmYRAvIalc-BlAj9hWXEB2Es7XAk1-a_iEP-_-raVCGF3B9Pbe0uexqEfiiheRmEphQaPwbn1p9Qyr2lNnIAW0mEjK4G7yV14MkQZi824BuPUBDuzhOgPZVNhH7nP4BBX93e2NFzmWIcltuHEQ_LUJiqvtUcWpe8cxwr0
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Apr 2023 20:05:43 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.25; 217.114.218.25; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a8dbc644-15e9-417d-9cae-10f8ec246794
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkyNjI1MDUzMzc1Nzk3MDQ2OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dpixel
cms.quantserve.com/ Frame DE20 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELzMwZHCu8fPpZfiniPbTzo&google_cver=1&google_push=ATf1kGOAXhQjgleIDedmAUywLxX1OQYh2LiK2oU8qpOMKzITMnTxDGfFdVqZl8BUkK1bBWaI_wFYkPGpTnbJxQpEVbcwGVeXWgXO
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DE20
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPgZT_xSWKiU783YyeT8vW4&google_cver=1&google_push=ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2LEwpp4...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPgZT_xSWKiU783YyeT8vW4&google_cver=1&google_push=ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2LEwpp4BnphQzmX&google_hm=1HpmcksIS62Ft4yCVa4duQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2LEwpp4BnphQzmX&google_hm=1HpmcksIS62Ft4yCVa4duQ==
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2LEwpp4BnphQzmX&google_hm=1HpmcksIS62Ft4yCVa4duQ==
date
Thu, 27 Apr 2023 20:05:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame DE20
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENO15XtSJaRNdSfvLnJNr5w&google_cver=1&google_push=ATf1kGN1R0Vt48HSjfD61wgD8-J9pZQrJKucPCx0LLXkqXFcb12fsZdj6xH5-jV9d2pZx0mPierw08Qy...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENO15XtSJaRNdSfvLnJNr5w&google_cver=1&google_push=ATf1kGN1R0Vt48HSjfD61wgD8-J9pZQrJKucPCx0LLXkqXFcb12fsZdj6xH5-jV9d2pZx0mPier...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY4OTUxMjU1Nzg2MDI3NjQxMw&google_push=ATf1kGN1R0Vt48HSjfD61wgD8-J9pZQrJKucPCx0LLXkqXFcb12fsZdj6xH5-jV9d2pZx0mPierw08...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY4OTUxMjU1Nzg2MDI3NjQxMw&google_push=ATf1kGN1R0Vt48HSjfD61wgD8-J9pZQrJKucPCx0LLXkqXFcb12fsZdj6xH5-jV9d2pZx0mPierw08QyV3e7I6y5EV4s_9GOb5Tl
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY4OTUxMjU1Nzg2MDI3NjQxMw&google_push=ATf1kGN1R0Vt48HSjfD61wgD8-J9pZQrJKucPCx0LLXkqXFcb12fsZdj6xH5-jV9d2pZx0mPierw08QyV3e7I6y5EV4s_9GOb5Tl
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame DE20
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH0vyzKQFSffsCfQKC6xfRQ&google_cver=1&google_push=ATf1kGOWZwZ2BRmGv47JOURAqgbiCAJwJAeppA2jErfoiDKW-HsqZwMNKOEymtbhi3CZAsoi3UDmlI7MWXFsg8FN...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOWZwZ2BRmGv47JOURAqgbiCAJwJAeppA2jErfoiDKW-HsqZwMNKOEymtbhi3CZAsoi3UDmlI7MWXFsg8FNLrdMC6toX7H6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOWZwZ2BRmGv47JOURAqgbiCAJwJAeppA2jErfoiDKW-HsqZwMNKOEymtbhi3CZAsoi3UDmlI7MWXFsg8FNLrdMC6toX7H6
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Apr 2023 20:05:43 GMT
via
1.1 b4415e223ef4b4a1db5d4b79b555fe2e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
TXL50-P4
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOWZwZ2BRmGv47JOURAqgbiCAJwJAeppA2jErfoiDKW-HsqZwMNKOEymtbhi3CZAsoi3UDmlI7MWXFsg8FNLrdMC6toX7H6
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
NgnGPikIi4ma19kNyDv2l3gG1m2oy9cZGdavAJJkke4-o6HNBQVHZg==
pixel
cm.g.doubleclick.net/ Frame DE20
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGbWNVUXR5P4f7TfEqG9eiQ&google_cver=1&google_push=ATf1kGPEYYb52xHDDbPu_xpSW53NpYM7BW3I4ebZHw6X2ltnVD1aeLSG5pUcEHso-JHJhrYVzA_WNniV1G31mQX9AONNAu...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGbWNVUXR5P4f7TfEqG9eiQ&google_cver=1&google_push=ATf1kGPEYYb52xHDDbPu_xpSW53NpYM7BW3I4ebZHw6X2ltnVD1aeLSG5pUcEHso-JHJhrYVzA_WNniV1G31mQX9...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvqRmK0xTp6g04KNrsNQPA&google_push=ATf1kGPEYYb52xHDDbPu_xpSW53NpYM7BW3I4ebZHw6X2ltnVD1aeLSG5pUcEHso-JHJhrYVzA_WNniV1G31mQX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvqRmK0xTp6g04KNrsNQPA&google_push=ATf1kGPEYYb52xHDDbPu_xpSW53NpYM7BW3I4ebZHw6X2ltnVD1aeLSG5pUcEHso-JHJhrYVzA_WNniV1G31mQX9AONNAuLt6TbV
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvqRmK0xTp6g04KNrsNQPA&google_push=ATf1kGPEYYb52xHDDbPu_xpSW53NpYM7BW3I4ebZHw6X2ltnVD1aeLSG5pUcEHso-JHJhrYVzA_WNniV1G31mQX9AONNAuLt6TbV
access-control-allow-origin
*
date
Thu, 27 Apr 2023 20:05:43 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame DE20
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJrgCgVmjkt_Xm5LqGxt9AU&google_cver=1&google_push=ATf1kGOSTQUGSulip9VGftoM91Ew1q-8C_Nnnhp2FG34nO4Tx5utvUmMreBpvesUsqhb4hYWQkHeuMLdw7Vn-Xsjos1ryoeaR0gi
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOSTQUGSulip9VGftoM91Ew1q-8C_Nnnhp2FG34nO4Tx5utvUmMreBpvesUsqhb4hYWQkHeuMLdw7Vn-Xsjos1ryoeaR0g...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA2MTQwMDc0ODgwMzczMDA0NDI2MQ%3D%3D&google_push=ATf1kGOSTQUGSulip9VGftoM91Ew1q-8C_Nnnhp2FG34nO4Tx5utvUmM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA2MTQwMDc0ODgwMzczMDA0NDI2MQ%3D%3D&google_push=ATf1kGOSTQUGSulip9VGftoM91Ew1q-8C_Nnnhp2FG34nO4Tx5utvUmMreBpvesUsqhb4hYWQkHeuMLdw7Vn-Xsjos1ryoeaR0gi
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA2MTQwMDc0ODgwMzczMDA0NDI2MQ%3D%3D&google_push=ATf1kGOSTQUGSulip9VGftoM91Ew1q-8C_Nnnhp2FG34nO4Tx5utvUmMreBpvesUsqhb4hYWQkHeuMLdw7Vn-Xsjos1ryoeaR0gi
date
Thu, 27 Apr 2023 20:05:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame DE20
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENi55w4xs4Dkytd1jpDF_vA&google_cver=1&google_push=ATf1kGOKDZGrz8HCOMREKMMpgvaf8SCAMoXfd2tYFYlhdTpNXTlvSI6Qqq1ebVQAyJSAEWD8Q-...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENi55w4xs4Dkytd1jpDF_vA&google_cver=1&google_push=ATf1kGOKDZGrz8HCOMREKMMpgvaf8SCAMoXfd2tYFYlhdTpNXTlvSI6Qqq1ebVQAyJSAEWD8Q-...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1peUswMGloRTJ1RVpSamtJZTF2bUtuNWhHV0ZWeFBPaH5B&google_push=ATf1kGOKDZGrz8HCOMREKMMpgvaf8SCAMoXfd2tYFYlhdTpNXTlvSI6Qq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1peUswMGloRTJ1RVpSamtJZTF2bUtuNWhHV0ZWeFBPaH5B&google_push=ATf1kGOKDZGrz8HCOMREKMMpgvaf8SCAMoXfd2tYFYlhdTpNXTlvSI6Qqq1ebVQAyJSAEWD8Q-HJW4fdxPVeHF_fR18ROdJERhk1DA
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1peUswMGloRTJ1RVpSamtJZTF2bUtuNWhHV0ZWeFBPaH5B&google_push=ATf1kGOKDZGrz8HCOMREKMMpgvaf8SCAMoXfd2tYFYlhdTpNXTlvSI6Qqq1ebVQAyJSAEWD8Q-HJW4fdxPVeHF_fR18ROdJERhk1DA
date
Thu, 27 Apr 2023 20:05:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame DE20 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDYKMr96ZQcQsefXX5_PDS0wr-G2eTvC_Ktf3woDyOQ-y7AEUgtBwqzq9rMz7h9YHQvUZP9w
Requested by
Host: 7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
URL: https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame BE89 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmz2_MOcLnFitTLD92V5FPR9GTMVl7rgxmCfQxvg-mojIuAp3f2CWxiw4t803HEAnx4T39wKqXu-aIfB-iCaHJySZktokhPc8h_vZRSaS0BpQzReNafKyavn5Jq0RZbVp1MiQSwxWgKTGUci5jD0PcZFHJ8uP_cOhtB2Uz75I7lcPOdB_KAkZJDzw5pqOOMlIVinxS-OqL8JnOKA504YEcMgZmdJuL8J4WJbMI1aiLC_NFh6tbsiGzHT92IDJBPQutgXw8oI8yx3a3la9NTiOHUeKn0KjYdRJGldDpgz3NmBX4XBXTnKrvNkt6GR7B5mm4ML0UZATavH5MHV1CZDKNMM8E1PoSBdN7cnl00cG-lkAkSb6_khYcqttzvLL9GCL3n0fyfveDA5kl3j_pTALl9RVZFP6rmxkYDRoYWwSeavl5tvBYfpfEaoFHnErxxIzbgqlNZK-YU8B3QBQEJiRuw6_qng7rtRNdJp0xH6MzyACehK5vWR0myeAMHTkfQlPQJnIRDNfeBRxxPVDtAjvvKezvQ-OuMmMAN8nn6dYsOk4gZB5MfpkUEtBsOU7ff2WW2oEeViLL71AbaGi8dMfLtoXpQX7L4Z_0I389dR36Kx3Rid0d0whOYKQVkfDToK_UmUzr8t2O1TRNUw_xfDJrmSokBCCnBQgJhYP63Tl4Jf1c42UfEESp89EY_ZZlm4SrTq7R38OzOXlY3EVP0VW57y9qX1ubWhzBnbQXGknKSX02ZOgqD188EIB2Hyny_nk6UkItB0jimLhlG2_1NV6IIHa3Ym-fA4oCR3LMDdaSMfqPrh0kr6tzndYFy0VLSj3GxrESbmELE7zlpOKUZ2XaSKoI9AqYwm-CR1AA2hUHf3U_gy7CeuGs4RvPgHTzKGTxEy9ZyEsWHVfVwYOTxSowopd9MnDfM_p0ll91axiHX3DEN5IP9_ZkeEJGjif5eXszEkAfBkHyQQZlQxfYFLsKfPDxG47jcdeIhoUVOLjT_gpfyHUrfVygWreXVMiYJxtzJ3z1j3ce8TyyUeLoqhOVhQqOJn89lZtLJCHTBbpaWRd53_VTriic7EMNkKNo5suvGVuNMRSLe_MMdq6T9VtDdfhzlCjZsinGjr9A_CrzlcPuo4RPuERb3hRhU41MxcHpYwjuotb5rxIiAhXBIPAhFGXrNVWhjdcYY_2b_vwu2BFCvu27&sai=AMfl-YRbcpVquIqGyXMy41X7VtBJqsEsen49lIPPjtIr3UWFlQaKJ-2vhH2MaNNpRtxUtTBsNrmcWjgMCojbWsTmtNLPDOeCfoZXNSIwoKB4UGdeNXx-lIljlczZtrwjZVkp_TQDJse1mMwilXkKadm5RRk0pXVPv3ZLWlbzyi4km39soRfvGyQgbDzp4s744Pg9f2ZomF5mkkfzaGkCDWzTCw3UkVol3YLqVDjMcnxrwY7Hoi-U_2h6RaIfOO7ts2JFaHklbRJxpyk9f9SP7D6VXGG7KsVjSaPZaLK5EDksL2dXRjwnwgTg5VDeETHthjYbq7yBlkKlul27UtRRdoqnVA5vGYoPPtGGHiuctBNbcatUlhxWPmjWPTBPDskssW9kMZ1J9UwuuxD2Xos&sig=Cg0ArKJSzJ8__aM5ua9eEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&vt=11&dtpt=139&dett=2&cstd=0&cisv=r20230424.49653&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Apr 2023 20:05:43 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 6DDA 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Apr 2024 07:48:15 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 0937 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 13:55:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
22201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 13:55:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BC71
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Thu, 27 Apr 2023 20:05:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ls.html
img.scupio.com/html/ Frame C2E9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1825
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 19:35:18 GMT
etag
W/"583295c9-4dc"
expires
Thu, 04 May 2023 19:35:18 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-id
9N5U-NRzR3WHib3QLnHiUcyq9hvjWdWwYyFlW4e1BCPaUw70AzkxoA==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 1D63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1ZBMjAyMzA0MjgwNDA1NDM4MTY2MTM%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
HTTP/1.1
Server
203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-96.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 27 Apr 2023 20:05:43 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJk92U4ilOdftlyJS53Hn18&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1061
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Apr 2023 20:05:43 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 27 Apr 2023 20:05:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 1D63 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1682625943772&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 27 Apr 2023 20:05:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
sync.aralego.com/idSync/ Frame 1D63 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CVA20230428040543816613
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
connection
close
content-length
35
content-type
image/gif
ls.html
img.scupio.com/html/ Frame 3922 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html?mid=52
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2086
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 19:36:50 GMT
etag
W/"583295c9-4dc"
expires
Thu, 04 May 2023 19:30:57 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-id
ACXsOhhrZMSBhjvBsFNu-uuaZ_sHvJqNba357KXsAF4uyxZPPgq4uw==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
rec.aspx
rec.scupio.com/recweb/ Frame 6DDA 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.24494997886749692
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-96.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a513eb4b4ea38bf1ed73d218d787d42293c92c108fd205eac2c41978a33157b6

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 27 Apr 2023 20:05:43 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
3069
usync.js
eus.rubiconproject.com/ Frame CE04 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3951f3697f916eed6db93946c2f199c70e3b000f6cd9735f4e3d6912374db0c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 27 Apr 2023 20:05:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Apr 2023 04:49:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31450
Connection
keep-alive
Content-Length
10020
Expires
Fri, 28 Apr 2023 04:49:53 GMT
usync.js
eus.rubiconproject.com/ Frame 1061 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3951f3697f916eed6db93946c2f199c70e3b000f6cd9735f4e3d6912374db0c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 27 Apr 2023 20:05:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Apr 2023 04:49:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31450
Connection
keep-alive
Content-Length
10020
Expires
Fri, 28 Apr 2023 04:49:53 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 4788 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Apr 2024 07:48:15 GMT
khaos.jpg
token.rubiconproject.com/ Frame CE04 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rec.aspx
rec.scupio.com/recweb/ Frame 4788 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.8706901360766564
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-96.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e6127aad40d107c803e95201461953aa11e62b7f1fcca45ad5eebe7457c9c39e

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 27 Apr 2023 20:05:43 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
2939
khaos.jpg
token.rubiconproject.com/ Frame 1061 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0937 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B60VLl9VKZLT3AY_pgAfYibnYAQAAAAA4AeAEAg&bg=!paalpvLNAAYfNdXmPzU7ADkAdvg8Wk_d9w0s8a0ni3ttQLUTqwqQgR2eR270iqduY2neHb7KOgnUklD2nJf--RKkLAVrF3V5oVMCAAAAnlIAAAADaAEHCgAWQvQWspil10SurfzJX0lD4lyq5UhAd5kDVGC0DWcIWinlXekSxJJ-KmYI-G6_yIJJHoLTdhmxqkALKTuR0ounqUXiin5M8V6S6Ui_KuRtU7hhJtCAwXuJkApS9h7v8lZrRzKqhXaAHQsLzgrCMhmDkg5dG-Pa8poyBTZqF10LUVnIS_XO2t7oH9BJBt9ODcE4xB5tm7zML8jtlFTBKVywrIeY0exkhFOMNRD2AqSuZjLBo6ieDl9HKqgK_CDUY91JMI3u0ZJ3ENHNv-l0uKfs1Cn6-ceSEi1G_duXhn4rFOXkrbn-4ch5CpS5tHqwbVjhapzJHDyBsOkqX3hq2sArtExITug-FEzmjhO1DcggEw4V8Kykh7Y_DCSnRZkucA7-jBGvcLKtjVaJka4wqxURQP-SdmLb9vt5uLhBXtbk63ZIPgaVxVqZo36WcmMGtUnuqm4JuXj3YdYN8c_VoMhKyyhZRAKpbUvurHd4beX7ju9o06mQpJQPFkP2JDHcuje-l5KfdhszDoL1ZbSbGzS4njkgppLz7TrYKL28LmWV2Me3zOTt41dOQ8HuRmaKpwLWDmo-Lwr1Lyp2PIdLDK0jVZB7J8a1l4eS5uOH0V9cnEIK1Xu2xFhZcA5oCmrqO9QpGLrcTO8e6J2kGs_0kEot5D5ZFRHaR6WLcuGc5oJT4uIbK6d8ENfm7u2EKQMGjqRrIS76HMFXbKGG2Ic7kg_8TSq8cydWpCz2XNL8gPdmkVSFAvv9Pg8Zy08vUWkxXm1zN3UlosoAJ3sT-JIlRVY0Nbi7HJOoqTEToEkE_I8p9CCSOUfSQrqqDSsRk802_ffcT5MfUb6Cf9sgTnHexqW1B-hGdUZfMFWR1TWcyRpX0L8KWe8k4LQcsxLdYaC7C9LU9yvrPUQxSQqJ73fZLtNQbinDPBBUr-sAoNgfkyyq0URRkQjOIIMZPVbBgYqyZQTM3nWj5GzA35clqyeUsfsm4cRNMIUv8W_STUxkrjs7AeJpmAlKwkkROKttIoC5fQmiblTUR13oZYiHq_2ptJMb6ryLoxLzkb1kvcbznQ2RGM_5HVf3jK3N-CG9Q_wdPpwXZjSVbkEpNdXOqrZHR8KSCkA44DbqMw-xMFLczpglZPbkRoZnDQIPt4w3A6eSrGGrwgyG3iGz2nXecnOalQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F360 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304260101&jk=4093042164543076&bg=!TU6lThrNAAYfNdXmPzU7ADkAdvg8WqBhBcSmruq4s3Wcj4acgxi0LQaCXCJjrsqZ2wj4a2xLrpcynqyRCFTv3mUAoDi2iC749UsCAAABPlIAAAAEaAEHmQLxL-PaPvUIKVhxMJD1Y0PhkvTuAhn4RCHa0IGvjjePFWM5SDomUYyaR1zMCEhXyDlF23cA9RlEVOoWcc-2xKnwVlgEPKT4PYMEv3magnH9xQD_Z7ZgiRguThfJWN2z4eSfAlrxg8KeDavwnHZLAjT9ac1tx06giyT0wKqqnVYtq7jNGaHob4MstSKmkXaiPzCsrHyhP-4w8e7RzLAla97R-Kfhkhywt_rCmps4rtOtJfEMaY32eX-Rh6hl_2JMMH4_l0yKDNSrbAu2-9ZRwkt1byr0CVuuZFi02r7UfAgeIiZlqKYChPUtMF-u5pyET092Y7tp4FZ75FfGSSQ3hg09cuHSojv0qHHvyhy4_EB1_cFSew5yPtafQoXUIe_FH0viO1-ioV1w02yg9ZoR-z1XmX1-d4AwlFooUj9oH6ylo0Cvff1axEvFWnaM3eK-ULvZqtYdwjZjjvTzPxpVO23KwfcL-8_GYJ1_SLJRZ4czaBisYqZz-3w9_9lOD-AjWgKkkmAIrgz0JvbLsPEfQYJQxkr7ds0y8rAr0j1Eh3S0EoX1GXY5fiw_dthrR6ZdkLWNgPToFGvZqwkdOxIylClud6Op8ZIoV1s1oEEw-kLOswNYsaRIJw3mTK1R8Ep91odcst7IlAOT2HBO3vabptsRiMBaf3C86IyGTebGLVNy6nK_hQpFNONeICyY6FDNU5gqe21goLI1huw_On7QOVLPaUc268fQUTQOIiiy_9dAWuOu20GNKT8mWyJ32yviFvzsA-awmp-7pCaJRGJnXNwmsvS5YaAFFt_ofNFUUzF-9tS-7KxYBZYzszCCNxp9uaOQZ4ItfwPzRCueuLxzFdJuhfD6VP3X_pR2dMURBC3HuOq2NhSxxgVsYHJjLrZRQQ49FGpFGlqNmcqmwMD98foEQUffi_F-FOnYIrwG9Jtbr8PuDjHDjOVQnN7SfqtZHnh4uzkt5ulVKZ5RArmRyeqBClhcZmeOs6oImEi3pGnjsujM
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame CE04 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ad469.js
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 6DDA 		26 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ad469.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
abec0a7ba958d701c63d785d845ef3b3b9aeb8d71d878e99b5177ade20ed9e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:03:47 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Wed, 29 Mar 2023 09:05:32 GMT
server
nginx/1.15.2
x-amz-cf-pop
PRG50-C1
age
122517
etag
W/"6423ff5c-6646"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
Yib4MjqHEf_cepiGoNGxDANqnPsWB-XAcTNqlqOldNKlShcQ7-Bllw==
expires
Thu, 25 Apr 2024 10:03:47 GMT
CoverImage.js
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 6DDA 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/CoverImage.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 00:56:19 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 09:05:32 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
932965
etag
W/"6423ff5c-54d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
wkTvHVWq5tH3rKqMCoW2ztZEzIb-dt6R9y08eae3H3eSlVPWYHXk-w==
expires
Tue, 16 Apr 2024 00:56:19 GMT
css2
fonts.googleapis.com/ Frame 6DDA 		2 KB
612 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@900
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a52a2d6ab809e391e3a1e5eef2dd5a7ac8ae0e01ab0a33faa91bab58354d32c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 20:05:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Apr 2023 20:05:44 GMT
css2
fonts.googleapis.com/ Frame 6DDA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@900
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 20:05:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Apr 2023 20:05:44 GMT
pixel
cm.g.doubleclick.net/ Frame CE04
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame CE04 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Apr 2023 20:05:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CE04
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vjGt5BJ9QlOBL192alwgVA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vjGt5BJ9QlOBL192alwgVA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vjGt5BJ9QlOBL192alwgVA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:05:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G0XJM7Z7VV8VVWYAX1SZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vjGt5BJ9QlOBL192alwgVA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame CE04 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
sync.adotmob.com/cookie/ Frame CE04 		0
0
tap.php
pixel.rubiconproject.com/ Frame CE04
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=JOZ3f5MD1PS7S85&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=JOZ3f5MD1PS7S85&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:05:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05e7e34dc077f730b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=JOZ3f5MD1PS7S85&expires=30
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieSyncRubicon
rtb.adentifi.com/ Frame CE04 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncRubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.158.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-158-115.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
cookiesync
bttrack.com/pixel/ Frame CE04 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-servername
Track003-iad
pragma
no-cache
date
Thu, 27 Apr 2023 20:04:53 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4EFC 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51648fc02147316364663396489b25f808aeab817dd77b927b99d916f19fab13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24737
x-xss-protection
0
server
cafe
etag
755 / 19474 / m202304240101 / config-hash: 18361539349155083424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:05:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3EC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=3515331543519058&bg=!mZqlms7NAAYfNdXmPzU7ADkAdvg8WnZVCJceQUq1OHpXJax43MdvrUKvDAJYh-9Xb_ZG0EUVrEFTuQXqFSzUPdPPtrt3wsYjVKYCAAABhVIAAAADaAEHCgBkzwm5JywOi4IfaendT2b3kM-6hOECwz3hZHPK22owapNXINrgGOOVlXUZoBywHyVt7iUoRMWZQAJQiyq7xwgC8MG75vnv1ZUr2qvCWUEUIeIDJEfTdxu7013kFEQZlqipb6AerpkC7XSgJ4942yMr_c6pEl5RcrNXojqItdGpXkI5VX4FHWdO228imgxFm8N-kLfpSPdxBuefiAuArSa1xV0UP9zYnAEzHjg8hlb3kgxQHWCYxhsFTWXm0AoQ-svBHV85d6nuSvjAuYEVUnjBmug9ktUTnnDvv9GjdVYvUYKmAvcMY1TXq9YLBf8IP9noJSH8Z_ITYihnucS1PB1xtNFDUd9qBFpQu4fx_swT1SkDO8ZGwGg4-3OFUZ6kjrdej0akbaZU8PMFcAT7K_VvC0m88mTlTpL8VSv3SazS0h0PswzIi8r8ciFtchOywRL447wTa-WwBAEF-9f_v2YRWpHMy1kjZjcyTLY4J8ewvsmRT4yzKxqW6EhMR_jI2idDffCnl-22tDziMsc7WXx4W6GzVVG0K4A5GjY_R3wnOV-AZKukG_wxYOAJ0x6ckdOqWl4Gvyyoi-0hvRajBczIHG7mg6MQES7w1Ao1ZDk6qH-ub3iaPs05qJzAC386OpcFPxZfmQA4bZGA93Ryjfq4ODXsFfJ6DV2-FqnqPLKCrDBtd0x4cr0N6HIxGLZdXw7MhV-gDbRPsdQOQwIfUOzOJixwOVpgFMuOMK2QIs3Tge4PhQMMSixoFRQoH2nFeNz03or2PL6OrGaIYK7ywJIwriUVHA2rNj8wq0s_wFC2CoEBl21ByYnhlyEO08DJLM2pdhvEEHcOH0mDnvuk3tjzfmDg14-XU_jX85F-k34nwhwPvDYhFK4RV2jyoa0m-BJeJPa_WEO4mr_taQT7PLhNtK70_rbeD3_mHcx0G0hHD3P4pLJ_b0cO4k91p3e0jQorZr9ESi2EywJtIzFww5fXNphVnplaN1r85NlGPUenUPAA1gbPQ9rcWy-Cntdo8s4LcevLGxpbJPaVZ4IhTibLIjFtzOP4xb3Af1C8xmm5fX06LwklF6-LL6eM8zBR0yW-RKq7RM6_pfVHO9rJ3dJdXb0-AZrtzQJHf_xPGQKQmqIyn1mp
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
ad223.js
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 4788 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ad223.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
12c0a1bb080bd6b09d782c6bd5be0f89b2ee6d64eedc0059acca4741432e3112

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 09:11:32 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 09:05:32 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
2544852
etag
W/"6423ff5c-45a6"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
N9GO0lGpBY3mKA91-EthYs8SGZhvQta59illOpHjsjfEKNm9ypdqcA==
expires
Thu, 28 Mar 2024 09:11:32 GMT
CoverImage.js
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 4788 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/CoverImage.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 00:56:19 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 09:05:32 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
932965
etag
W/"6423ff5c-54d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
Y70oVY1nhnKrxn8OxQYHo7UBa9VHjkuNhQQObr65KMgc8r3VxtfuaQ==
expires
Tue, 16 Apr 2024 00:56:19 GMT
2c95a299-75ee-4a5c-b41e-f38d367afaba.jpg
img.scupio.com/dsp/ad-image/1125/2/ Frame 4788 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/dsp/ad-image/1125/2/2c95a299-75ee-4a5c-b41e-f38d367afaba.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
5556169d3f68e64d261b1b13799a57f87d5551dd34700c9f5ab1ff4e402f96de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:01:35 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 07:27:06 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
249
etag
"6311b04a-4c26"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
content-length
19494
x-amz-cf-id
JdeaMzFmosTObElPEW5_ZUZz2uc1g7M9pQBS4lpmNAm2ud_ATZZEhw==
expires
Fri, 28 Apr 2023 02:01:35 GMT
HM2648.jpg
img.scupio.com/ec/x/1125/250/648/ Frame 4788 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1125/250/648/HM2648.jpg?h=07d546d043bf4da8aa093e3653305cfd&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
4de20123af1cec055f3f555ca8f632c5f9b4ec425b29506eaa6d229e25eed691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 16:01:29 GMT
strict-transport-security
max-age=31536000
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
14654
x-cache
Hit from cloudfront
content-length
9282
last-modified
Thu, 27 Apr 2023 13:12:12 GMT
server
nginx/1.15.2
etag
"644a74ac-2442"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
1X1MS7TftdYkQsR9OSsUPZnR6EKXBgGBtUA7LjNybG2VU6Go4vyPAg==
expires
Thu, 27 Apr 2023 22:01:29 GMT
HN8194.jpg
img.scupio.com/ec/x/1125/250/194/ Frame 4788 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1125/250/194/HN8194.jpg?h=531cb5a80f675a707b0affff39a29988&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
307fa8a217b5fc574066fdaa24d8496aa73180f3e541c9decb66199f422408fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 17:12:54 GMT
strict-transport-security
max-age=31536000
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
10370
x-cache
Hit from cloudfront
content-length
6735
last-modified
Thu, 27 Apr 2023 16:27:08 GMT
server
nginx/1.15.2
etag
"644aa25c-1a4f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
ioI9D0qr-HsmnAtjs5IQRBHIw4p8iJlsKFlvjd9v5EtO98zu8Pdtfw==
expires
Thu, 27 Apr 2023 23:12:54 GMT
ATSqwoYbibbe.jpg
img.scupio.com/ec/mallimg/AdvertiserMaterial/1125/ Frame 4788 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/mallimg/AdvertiserMaterial/1125/ATSqwoYbibbe.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f7076a83be6fdb42a2c0e323f691e453c625c595d0fb1cc0965c140c717547b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:03:09 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Thu, 20 Apr 2023 07:08:26 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
155
etag
"6440e4ea-147fd"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
content-length
83965
x-amz-cf-id
-Iy2X4eMAknx5B4oNPvl4yDEgaF_iDZTOn_7Y3TpHxyKziKEUAp25w==
expires
Fri, 28 Apr 2023 02:03:09 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/ Frame 4EFC 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:39:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
33975
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126426
x-xss-protection
0
server
cafe
etag
12107163058553792566
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Apr 2024 10:39:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4EFC 		544 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
expires
Thu, 27 Apr 2023 20:05:44 GMT
ddca71f2-8ccd-41ea-ba09-ca891c903419.jpg
img.scupio.com/dsp/ad-image/1125/d/ Frame 6DDA 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/dsp/ad-image/1125/d/ddca71f2-8ccd-41ea-ba09-ca891c903419.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9dcb97a68a752b64c7962e23147454a8269d1ff3434d635371f673b26ffbe494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:40:19 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 07:25:47 GMT
server
nginx/1.12.1
x-amz-cf-pop
PRG50-C1
age
1524
etag
"6311affb-7f9c"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
content-length
32668
x-amz-cf-id
eUmhPq94ysbgbFFNx7zOE7bu3TZwizvfTP8bHXjTKzB_x8vcn3S5vA==
expires
Fri, 28 Apr 2023 01:40:19 GMT
HL8759.jpg
img.scupio.com/ec/x/1125/250/759/ Frame 6DDA 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1125/250/759/HL8759.jpg?h=05f4c834e66c67b12ed441bb6b03fa2a&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
1eff472adf4fd9b969027ff83fa4ce90b4c5e1af000b3417a82c1e35e9c64378
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:36:41 GMT
strict-transport-security
max-age=31536000
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1743
x-cache
Hit from cloudfront
content-length
8227
last-modified
Thu, 27 Apr 2023 18:38:38 GMT
server
nginx/1.15.2
etag
"644ac12e-2023"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
eLLtLZTEi6cYSfS-9xyWN3C4eTQYvMvupzWhzglGTYQSCuuMA1-hAw==
expires
Fri, 28 Apr 2023 01:36:41 GMT
GY2907.jpg
img.scupio.com/ec/x/1125/250/907/ Frame 6DDA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1125/250/907/GY2907.jpg?h=a3a676964998d823a86ceddd65e733a5&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
01346ec6df4731fe9e4747999766f32ede3ea4145e04e3b53313e101f8971fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 16:21:34 GMT
strict-transport-security
max-age=31536000
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
13450
x-cache
Hit from cloudfront
content-length
7004
last-modified
Thu, 27 Apr 2023 11:41:57 GMT
server
nginx/1.15.2
etag
"644a5f85-1b5c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
3Ob_E_xQDNSw2uzpolnGjCGXM5BEAo0zNFLQRF66IQxyxqckydR4CQ==
expires
Thu, 27 Apr 2023 22:21:34 GMT
HM2648.jpg
img.scupio.com/ec/x/1125/250/648/ Frame 6DDA 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1125/250/648/HM2648.jpg?h=07d546d043bf4da8aa093e3653305cfd&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
4de20123af1cec055f3f555ca8f632c5f9b4ec425b29506eaa6d229e25eed691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 16:01:29 GMT
strict-transport-security
max-age=31536000
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
14654
x-cache
Hit from cloudfront
content-length
9282
last-modified
Thu, 27 Apr 2023 13:12:12 GMT
server
nginx/1.15.2
etag
"644a74ac-2442"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
Z2tLeUPc9zUimSvhNJoiPEC0DdVZQN0U34MIlwRu4kcGyzS7WWbMcw==
expires
Thu, 27 Apr 2023 22:01:29 GMT
HL8794.jpg
img.scupio.com/ec/x/1125/250/794/ Frame 6DDA 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1125/250/794/HL8794.jpg?h=312f48cadfe29d11b956b00d13b5db23&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
de32b29663bad37d050a2d26d7ca668cf08cd7c80aac07f73504fcebb951d6f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:39:58 GMT
strict-transport-security
max-age=31536000
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1546
x-cache
Hit from cloudfront
content-length
9374
last-modified
Thu, 27 Apr 2023 17:47:50 GMT
server
nginx/1.15.2
etag
"644ab546-249e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
Q53yQdQVZydhVI7Wa9G0fQOKfUvq7oXjiYAGXA3KMkRo5zut9YKL0w==
expires
Fri, 28 Apr 2023 01:39:58 GMT
H03424.jpg
img.scupio.com/ec/x/1125/250/424/ Frame 6DDA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1125/250/424/H03424.jpg?h=004e56838afecbd75bd95624cc2e074a&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
af49b777cedc8c9c382ce04dadca77091f58d8155d6241ec444c581849cd8852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 17:17:46 GMT
strict-transport-security
max-age=31536000
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
10077
x-cache
Hit from cloudfront
content-length
6769
last-modified
Thu, 27 Apr 2023 11:54:25 GMT
server
nginx/1.15.2
etag
"644a6271-1a71"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
3wscJ1LCGuTmF74R_G4BY_AZ7W0Gsqu2KrIR2HjpjgMfhV3f8Pd7DA==
expires
Thu, 27 Apr 2023 23:17:46 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6DDA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:11:34 GMT
x-content-type-options
nosniff
age
449650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 15:11:34 GMT
integrator.js
adservice.google.de/adsid/ Frame 4EFC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4EFC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4EFC 		107 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3021180139845752&correlator=1322057504545580&eid=44790325&output=ldjh&gdfp_req=1&vrg=202304240101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13857&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2474970467&sfv=1-0-40&sc=1&cookie=ID%3Dbedb220d1cf5cf93%3AT%3D1682625941%3AS%3DALNI_MZ-1icnlyyuPA4CMVYWHtQSxOrboA&gpic=UID%3D00000bf18def0a53%3AT%3D1682625941%3ART%3D1682625941%3AS%3DALNI_Mb7kxwalxp8NzmZstrLINa5tgaoRg&abxe=1&dt=1682625944360&lmt=1682625944&dlt=1682625944130&idt=214&adxs=270&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=uci45lts5l0k&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Freurl.cc%2FKMYo2q&ref=https%3A%2F%2Freurl.cc%2FKMYo2q&top=https%3A%2F%2Freurl.cc%2FKMYo2q&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=382969064.1682625941&ga_sid=1682625944&ga_hid=23403979&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a30fcb91150961c350207b03b274c067c897b0926f9dc924d3ea493c8253f915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35932
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4EFC 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67313eca24f0ead69eb27eafccbc0d1c2b264545d2c1f51b527dcbdbbe598a33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11236
x-xss-protection
0
container.html
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 541D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:44 GMT
expires
Fri, 26 Apr 2024 20:05:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4EFC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 20:05:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A3E6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 18:08:34 GMT
expires
Fri, 26 Apr 2024 18:08:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 60CE 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
50a0943559c14be29f498e1ac8370feec7474a3ec37420298246ae4de3f24b01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hSpWx2L6iKXr39h_o3FKCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-hSpWx2L6iKXr39h_o3FKCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:44 GMT
expires
Thu, 27 Apr 2023 20:05:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame A3E6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 13:55:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
22202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 13:55:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 60CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304240101&jk=3021180139845752&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A3E6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?X3tRew
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BE89 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzadCJxamIZfvkYJkDscrmRzTVaAiGvWZ0N_NgFGTorApCc2WusXQXApxt5zM8tOqReXcX8Wr7IJgbmNCvUrv7hq219ACiUDGepQmjv_ZUwGMPFgnfeA8BXZbLfywykM2WOEO7cQ&sai=AMfl-YRl7y02uN_JnqE7kxH-e5QGcgem6_klfuX8SZpVnrPMhOT7mL9PzRhjfZn9n_uM35r3NKjUQfH3BsI31kivPCsr9g-L10VEKtI00jKDcbABRGwxIA7MABjB-FQw&sig=Cg0ArKJSzA1EitBKtdt6EAE&cid=CAQSPABygQiDb9QwkkHO6qBJJ4qk_PWHlzHf7GuBYIjtOvg8hV9jh7kTiLYIDZo00CvWJLhDXHatLA5IXRwyaBgB&id=lidar2&mcvt=1000&p=0,0,100,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2995874615&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682625943452&rpt=234&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BC71 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS-L4GOHRAWh3gQmkByWy3EpQNRRAc08pgLvCo11s4BH-tA0GzT_DO4U0aqQcemsrzUa8oh77cE6cinoZ2nKi2-PR2uKEtiKWA2J-cBLE_YUMGt-IwM9CMb-N0c_l-v17MZUm1sg&sai=AMfl-YSJKe3H5YB3z3JTZllmQjWUKv-wP3_r417LzCxz-Eotn6N4IzYPq-8piH3RfqlBjeJTJ51VJWrR-WpkinZhc8TfHKhU7MxFnGqvzi4NZZ2Oq3_6e3qK5lO3Duis&sig=Cg0ArKJSzOQvAwmfBAMvEAE&cid=CAQSPABygQiDDAYMxlQwjfWbRorAyhTQppyBMGc97sF8rX2QryhIpm-RAomke0X2oU7YhNWvg8BHP4uufvgb8RgB&id=ampim&o=315,567&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=300&tls=1303&g=100&h=100&tt=1303&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:05:44 GMT
expires
Fri, 26 Apr 2024 20:05:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 97EA 		4 KB
718 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3018c5284222e82380ec1570f914f544c35e062c4ff9c64e46fdc01695b2b274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 19:33:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Apr 2023 20:05:44 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 97EA 		2 KB
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 01:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
68604
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 01:02:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 97EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNRMvmNVKZJDzGNDh-gazrLSwC72Npq9vn8yvrL8O6p_coNQBEAEg0syBGmCV6o6CnAegAbC6odcDyAEJqQLndBTV9nuyPuACAKgDAcgDywSqBOUBT9CTXL1XzxCCybDO8452PRHGhofDKLbDiqi3SrP9DQiBcvzSGMAh7Yq-dBzJTCnQQibRwK9D2T_234gOqTA2j_QbkhNRzHQv1qK-2iXG7s5VLPt8Y2FlygHs1GNH7e8UbREz5-k_5NEfgewCCklrvv1-O8Ww5gtax7RS2ije6OUP8GkVWoEoILrVzz_CN_61KtcU2vXkxcul9fbxFHIBwjkzq7DlOHZwiX91RjG7SnGUiN0bc3V8QgJDcGkVpkR-E_zWXduawYJJiD6HH2wzADPS5L4YGeMvYA8qurmt_g7OAlhV8sAEqZypquAD4AQBkgUECAQYAZIFBAgFGASgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQmKIS0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=58hQRy0JyvM&uach_m=[UACH]&cid=CAQSPABygQiDn4sXrbs_RbMIn45vhfi-mY52djOKGiLa8ztRAIU_8m3GLN1lJEA8axTKivH5wTVSuRQ8CvFcBRgB&template_id=494
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 97EA 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 15:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8790
x-xss-protection
0
server
cafe
etag
1446065643150489480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 15:25:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 97EA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 18:07:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
7083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 18:07:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 97EA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:00:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
65092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7958
x-xss-protection
0
server
cafe
etag
6327879953816217519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 02:00:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 97EA 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:05:44 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame 97EA 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:22:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 12:11:51 GMT
truncated
/ Frame 97EA 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 97EA
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H3
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:07:58 GMT
x-content-type-options
nosniff
age
431866
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 20:07:58 GMT

Redirect headers

date
Thu, 27 Apr 2023 04:41:09 GMT
x-content-type-options
nosniff
server
cafe
age
55475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/624907996767536446
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 May 2023 04:41:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AA55 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 12:11:52 GMT
etag
48472445140208031
expires
Fri, 28 Apr 2023 12:11:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 97EA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f96af15994eba4cd4920da0ae413fc2d1c75ffca1df1498068d1b0efff8938fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AA55
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOYY_N1Mo9LANb2okL2m0xQ&google_cver=1&google_push=ATf1kGOVn-UCG5YHa4nRYoIhD9xhP3YfqbrD39XmuTyT1i9CPFhp4voYS-CVLIGKLY476S-aETCZBjUuX2cS_P6ijmoJnmFXUCqe9Q
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM5NTA5ODI3ODc4ODcxNDAwNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOYY_N1Mo9LANb2okL2m0xQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOYY_N1Mo9LANb2okL2m0xQ&google_cver=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Apr 2023 20:05:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOYY_N1Mo9LANb2okL2m0xQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame AA55 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBjwzpkAOzPzDUn1WuZEKW0&google_cver=1&google_push=ATf1kGOJzMZNNjMqJQgs2ncnm-IrcQRyF_2FshIZGLCmkLaAZ8uq1yKyUen5C3mQIlPQRkSYnP3jt-fi-CnUKHZkkz1IcrxoDA1R-A
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame AA55
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJEHQKc-36XFq6fxAbmPcbQ&google_cver=1&google_push=ATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJEHQKc-36XFq6fxAbmPcbQ&google_cver=1&google_push=ATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3tr...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJEHQKc-36XFq6fxAbmPcbQ&google_cver=1&google_push=ATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7be9ae9e2e319b69-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
183
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJEHQKc-36XFq6fxAbmPcbQ&google_cver=1&google_push=ATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMKrzcGXWyyBHCvzGaqUnaxk98rfku3UHUnXtas7bHA_AKfu6foxpwGRJQ8PsoTQfI26hhMG5G205doqQdCaLCZtjqV3trY3Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7be9ae9ccc489b69-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AA55
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMVDNqXnzE8vxs-ubv3hO_E&google_cver=1&google_push=ATf1kGPxNPbbKFBDRLfSyf9HpLL28LEChZZiVBr0BR2a0tQMlE1w8N8VszuQe9UZur3tVSgZP3ah1FlW7aH7xdl3...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lACR04XtR3mebTVoHunA3Q2&google_push=ATf1kGPxNPbbKFBDRLfSyf9HpLL28LEChZZiVBr0BR2a0tQMlE1w8N8VszuQe9UZur3tVSgZP3ah1FlW7aH7xdl3BGQL3SzPCqdVIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lACR04XtR3mebTVoHunA3Q2&google_push=ATf1kGPxNPbbKFBDRLfSyf9HpLL28LEChZZiVBr0BR2a0tQMlE1w8N8VszuQe9UZur3tVSgZP3ah1FlW7aH7xdl3BGQL3SzPCqdVIw
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Apr 2023 20:05:45 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lACR04XtR3mebTVoHunA3Q2&google_push=ATf1kGPxNPbbKFBDRLfSyf9HpLL28LEChZZiVBr0BR2a0tQMlE1w8N8VszuQe9UZur3tVSgZP3ah1FlW7aH7xdl3BGQL3SzPCqdVIw
x-host
tde-deliveryengine-production-69d487867f-w6bz9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame AA55
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=72CHBDAzTTu3JxsabgDZ_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=72CHBDAzTTu3JxsabgDZ_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGO7L4BG_9QQh2f74u8drB93Kv7Fb6PS_iLRvVnRU2F7DXk5T_Cqy8Movf-fXDjmOlV5U8C3ZGUSHAhVACJYKc1bOPEyvaMyQA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=72CHBDAzTTu3JxsabgDZ_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGO7L4BG_9QQh2f74u8drB93Kv7Fb6PS_iLRvVnRU2F7DXk5T_Cqy8Movf-fXDjmOlV5U8C3ZGUSHAhVACJYKc1bOPEyvaMyQA
date
Thu, 27 Apr 2023 20:05:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame AA55
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGbWNVUXR5P4f7TfEqG9eiQ&google_cver=1&google_push=ATf1kGPRMR_ux2CqVaw2IXSPCiDZPItLiZN45sIvyw7t3LsAMB07Fd7SrjD-L8DsFvb2rf2RFp4gtVPLOEr_rJqi3qFiGp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvqRmK0xTp6g04KNrsNQPA&google_push=ATf1kGPRMR_ux2CqVaw2IXSPCiDZPItLiZN45sIvyw7t3LsAMB07Fd7SrjD-L8DsFvb2rf2RFp4gtVPLOEr_rJq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvqRmK0xTp6g04KNrsNQPA&google_push=ATf1kGPRMR_ux2CqVaw2IXSPCiDZPItLiZN45sIvyw7t3LsAMB07Fd7SrjD-L8DsFvb2rf2RFp4gtVPLOEr_rJqi3qFiGpv0SqIrDQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvqRmK0xTp6g04KNrsNQPA&google_push=ATf1kGPRMR_ux2CqVaw2IXSPCiDZPItLiZN45sIvyw7t3LsAMB07Fd7SrjD-L8DsFvb2rf2RFp4gtVPLOEr_rJqi3qFiGpv0SqIrDQ
access-control-allow-origin
*
date
Thu, 27 Apr 2023 20:05:45 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame AA55 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJbRJHtbLKIPJeGg7Qz9HuU&google_cver=1&google_push=ATf1kGNb6NEnbI2C4Y_BAeaAPNl4PwpTs7YcU3K3wAC0SAEVXi6GD7YWMVhqLlkRK53c3IqHTt1PxLad-nlr8TbN9LUqmrG8FP0_RA
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:44 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame AA55 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IADBmXGXv7DppDqEKYfNLWlq-7xWMPuc9u-gXsvRuB2399jnnD89kH2wdSr09B_8wG0m_z
Requested by
Host: 8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
URL: https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 97EA 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:03:36 GMT
x-content-type-options
nosniff
age
428529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 21:03:36 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 49B4 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 13:55:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
22203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 13:55:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4EFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304240101&jk=3021180139845752&bg=!wsGlwZXNAAYfNdXmPzU7ADkAdvg8WvhWA_40RDufLziMTosM7sk5EhnjBZazTfuENmZuEjbYsguLy2hpKDQen5K__T_XfvblxKgCAAAAW1IAAAADaAEHCgA84jKgyfREeMb3ipe6oYtmcLt6D7bp8W6n6vM6WgJ2sENse12N260EO_s4tHpNlTGfhTbQNn0kt3gEwEtimQMWoli3zZcs224E9dOTm_iQTSCPyIRAIZHo3vs6Rb4-f5pjUY161dX8q45s4xfa65LhHY6V0NlrfDrgCnDkygmhAOY5TvySkSs4ItSnEPGRyDdQleFQCkCu5Yb540InqvbvaZd0KErXdi4cx_cRFLcTBdOtMM9hSfUqJsJb1DddRljHJKPbxFBnTokEItS_K3nnDlpGCHtsDGSsrgRVGj2AIwcbDRImflvb4TLJpgBKgOG9KgTaw1rY430EBAJzfMr94FRrKHMJKLSAOL-uwpnXWAowH8YvTwVo35R-chXcABo8PjlU55yqXjNHq6w56DJLVgm0XXHSOOoEu6N9p68O4EoDAvwaRVreFnMW4W4HTC9QNuTIlSQwrn_pSgrJe_Iw28uwNArhe-FpOR0z9mzjuSx2V_aOuqCpi3qrH_t71Gb8Lt0Jd8D1fxC0cBj1bZkUbMegujbgUzM0LcuXtsBCnJSxp3iFPPAG-G-4AmUqVEeA0sNVlYg04f-OyS-Ifp975ttXmTdsGhou2MDO-lRcV9xwraJKBVBOFVcwk_Y0Sq0EnuAynUuCOfe_9_ybHosP85vkLakRb3Orm2iCAPFJzkgt34OA88eSa2tnVO2kHsCzIbPMGVWexRi2yOfU5PyQ17tQKozD4JvXAJtdxsyfMroIz42ek6Dk8p30lPmhbMmNaWw2I2QFlUiLicSqHUqNERiQDAtSjLnkFlWM0IBP3TcRqeQQ5BCiJxucYPRk4wu6PUP54W6sWm_XCJ1oqSF389n3GXxgOOsHF_TskxGI68UEozJZcIb45Gz8RAqJ2Ct8r1KyqeRqbnOQReD1Etr9IKdRg8k_6Q0sJG10L943aq867t4aon5P45OYBZPmmy87SnG0qckOUdsWnrk6dChdbWGvc05RWONrSxzAk_LB_lVAnl2Dk752Qs22SPB3pQGEdGEybKDCWAU_iaGm1XMriTzJP2cBifrrgCAzH1Wcaq5uaqbTX5S77802SV451WZbx8Kmthg3HGPmFKe9weopiY02Jt0Ms2jP1OcFvBrcnd0yixdQfA
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 27 Apr 2023 20:05:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
313188
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame CD85 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
296617
expires
0
cm
c.holmesmind.com/ Frame CD85 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame CD85 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:45 GMT
connection
close
content-length
35
content-type
image/gif
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 27 Apr 2023 20:05:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
264017
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 5EF6 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
289715
expires
0
idSync
sync.aralego.com/ Frame 5EF6 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:45 GMT
connection
close
content-length
35
content-type
image/gif
cm
c.holmesmind.com/ Frame 5EF6 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/KMYo2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:05:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je34q0&_p=311818070&cid=382969064.1682625941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682625940&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FKMYo2q&dt=BCN&en=scroll&epn.percent_scrolled=90&_et=37
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 97EA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVJPp1ER2YpgI_IFu48miefUmm5E_JraLvLv5tC5NLylhoU71g0evaPOvWR_bdOv-M0g9luMJnOc8-qB8eV91VvmLc4fmaa1mFlzGO2Y8YmBFqLViWTez_voiguDdUhQJsqmnO7g&sai=AMfl-YSf39ecKdwdhoMMeNY78FKV0aLpLu6Uaf7hVcju6uFdBxpKFz6pu0ZLju51R4-CnnLpnrM4tg3rfbgxznipPgi1rJIH1iuSw_JioCnbxvnKxcuYzT83BUBdJ0ky&sig=Cg0ArKJSzB0e8NswnIukEAE&cid=CAQSPABygQiDn4sXrbs_RbMIn45vhfi-mY52djOKGiLa8ztRAIU_8m3GLN1lJEA8axTKivH5wTVSuRQ8CvFcBRgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2474970467&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682625944880&rpt=183&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:05:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__hs=19474.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7226823385762599161&__req=4&__rev=1007390460&__s=%3A%3Atqo6f3&__sp=1&__user=0&dpr=1&jazoest=21936&lsd=mHGOnxg6PmWl7QF_3CvHmt
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__hs=19474.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7226823385762599161&__req=5&__rev=1007390460&__s=%3A%3Atqo6f3&__sp=1&__user=0&dpr=1&jazoest=21936&lsd=mHGOnxg6PmWl7QF_3CvHmt
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/rubicon?r=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D123034%26nid%3D3956%26put%3D%7Buser_token%7D

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga object| SD object| device function| sitemajiDebugger number| edmpvct number| edmpcct function| postZoneIdAndDomain function| c_tag_mk number| cftkn function| chktkn function| getCookie function| getVideoCardInfo function| getFingerprintRawData function| getPValue function| getFingerprint object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| Scupioads function| hasOwnProperty object| scupiosdk object| ElandTracker function| stfpjs function| cookie_mapping object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_syncframe_state object| hitag object| brWidgetInit object| truvid_protected object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

62 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _gid
Value: GA1.2.796129039.1682625941
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.382969064.1682625941
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1682625940.1.0.1682625940.0.0.0
.reurl.cc/ Name: _fbp
Value: fb.1.1682625940974.924513054
reurl.cc/ Name: CFFPCKUUID
Value: 4239-z2snIaXJ38cDvQ7IZNIrlYNX2HPPgusl
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 7027-2stb9yxes7KIXabW0CrrR7NDxEWB9nT3
.reurl.cc/ Name: FPUUID
Value: 7027-22066db3d61dfc0a43ce6367ef61134df557759b5b8912a8242ff7b92822e8d7
.prnasia.com/ Name: __cf_bm
Value: TsbbYkZghx3TbqsUKL9yoIJIN4fHNho3RSJb62UTgoY-1682625941-0-AWI6Yc2n4FOpIQrRlhvUGfLp5oGApPbXLY/QtLRvHktZdB0Ta8QHf4ulJ5kifGuZKnL3iFfV3BQmZz2WvW2oTBY=
.holmesmind.com/ Name: P
Value: 897456-mxkQcoQ0rlAljemzeJml6LhTETpuZvsL
.holmesmind.com/ Name: Vision
Value: 20230428-23:59,20230428-07,20230428-07,20230428-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: __gads
Value: ID=bedb220d1cf5cf93:T=1682625941:S=ALNI_MZ-1icnlyyuPA4CMVYWHtQSxOrboA
.reurl.cc/ Name: __gpi
Value: UID=00000bf18def0a53:T=1682625941:RT=1682625941:S=ALNI_Mb7kxwalxp8NzmZstrLINa5tgaoRg
.doubleclick.net/ Name: IDE
Value: AHWqTUnmJwgYTROybCokf8r6PtTDtq9Ymu550_b_wU0sJFabBuOYjmBgy7CXvgsgE9M
.reurl.cc/ Name: _ht_em
Value: 1
.hinet.net/ Name: uuid
Value: a86f2cc3-9398-4dd6-a403-606448c34b0d
.reurl.cc/ Name: _ht_a546ca
Value: 1
.c.appier.net/ Name: _auid
Value: j5auO3l-Bq2sGAG1ltVKZA
.criteo.com/ Name: uid
Value: d30e4d1c-bf70-4600-b8d4-3e942a04692a
.reurl.cc/ Name: _ht_hi
Value: 1
.scupio.com/ Name: fxc
Value: 1
rt.ad-score.com/ Name: token
Value: eOoiWwLgBQzcS-zphl-xOqLDxFhuzkQi
.scupio.com/ Name: gx
Value: H4sIABdGS2QA%2fxNmYGDg4ub48vtXx6ybj60FWIVYOOwFmACp5Du6FwAAAA%3d%3d
.reurl.cc/ Name: __htid
Value: a86f2cc3-9398-4dd6-a403-606448c34b0d
.quantserve.com/ Name: d
Value: EF0BCQHtKIEA
.quantserve.com/ Name: mc
Value: 644ad597-b9b30-cca65-e9aec
.3lift.com/ Name: tluid
Value: 1061400748803730044261
.casalemedia.com/ Name: CMID
Value: ZErVl7fw2PGaVbErJnemewAA
.casalemedia.com/ Name: CMPS
Value: 3306
.casalemedia.com/ Name: CMPRO
Value: 3306
.yahoo.com/ Name: A3
Value: d=AQABBJfVSmQCEDbluOU5VIU3T0hKPAh-R0oFEgEBAQEnTGRUZAAAAAAA_eMAAA&S=AQAAAmYRbCDP_6tC0E887SqJg_4
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 8926250533757970468
.360yield.com/ Name: tuuid
Value: 56fa9198-ad31-4e9e-a0d3-828daec3503c
.360yield.com/ Name: tuuid_lu
Value: 1682625943
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2bbw
.adform.net/ Name: uid
Value: 3689512557860276413
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVUl=n1k!]tbPl1M>e)ZlrFUfJ+tGXxoDI3ycRS)jb$FxId)DDJ2xFSW5i_/%#c[z(%73If)y3KL9D3I?+JvE*ih
.scupio.com/ Name: gxc
Value: 1
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.bidswitch.net/ Name: tuuid
Value: d47a6672-4b08-4bad-85b7-8c8255ae1db9
.bidswitch.net/ Name: c
Value: 1682625943
.bidswitch.net/ Name: tuuid_lu
Value: 1682625943
.bidswitch.net/ Name: google_push
Value: ATf1kGOI5NtINBD8DJLh2H7sh2emy8cKerGrLkpRunfT6Fxu2jws7Fqlmx1q-oVY2heNHQQ6cAvpKdCzy6aNe2LEwpp4BnphQzmX
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: 935cfb50-6bcf-3889-af9e-347ce103072c
.scupio.com/ Name: OrgKeyValue
Value: CVA20230428040543816613
.w55c.net/ Name: wfivefivec
Value: JOZ3f5MD1PS7S85
.w55c.net/ Name: matchrubicon
Value: 5
.amazon-adsystem.com/ Name: ad-id
Value: A89LyeivKkZHm50wpFVe2s0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22940091D3-85ED-4779-9E6D-35681EE9C0DD%22%7D
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.turn.com/ Name: uid
Value: 2395098278788714007
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EF608704-3033-4D3B-B727-1B1A6E00D9FF
.holmesmind.com/ Name: fcm
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: afnseFmge06ousnA7ffZdUaE8vgZc9VEIH93bTYJ2ae87JuAOjxUoT4IFZd29uagchh1rVsKCRBKwycIHpfAHZdY

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7d00d2c38336bf5afab542272be5bb69.safeframe.googlesyndication.com
8f6bedd2e91f5340d99aed0251de98c7.safeframe.googlesyndication.com
a.tribalfusion.com
a86f2cc3-9398-4dd6-a403-606448c34b0d.t.ssp.hinet.net
aax-eu.amazon-adsystem.com
ac16f60e9de577bcec5657a5f1dd0157.safeframe.googlesyndication.com
ad.holmesmind.com
ad.sitemaji.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
anymind360.com
bidder.criteo.com
blog.alphaloan.co
bttrack.com
bw.scupio.com
c.holmesmind.com
c1.adform.net
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cms.quantserve.com
cnt.trvdp.com
connect.facebook.net
creditcards.com.tw
d6ae0804-609b-4b14-a7b6-2e4b7c3f7f2b.t.ssp.hinet.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
f318be8a124f0324b795a16ac8d60d3c.safeframe.googlesyndication.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i.w55c.net
i0.wp.com
ib.adnxs.com
image6.pubmatic.com
img.gbyhn.com.tw
img.scupio.com
m.holmesmind.com
match.360yield.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
pagead2.googlesyndication.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
pm.w55c.net
prebid-asia.creativecdn.com
prebid.scupio.com
r.turn.com
re-news.tw
rec.scupio.com
referer-log.holmesmind.com
region1.google-analytics.com
reurl.cc
rt.ad-score.com
rtb.adentifi.com
s.ad.smaato.net
s.tribalfusion.com
s.trvdp.com
s0.2mdn.net
scontent.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
sync.adotmob.com
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
x.bidswitch.net
sync.adotmob.com
www.facebook.com
103.132.192.30
104.80.242.37
108.138.199.93
13.248.245.213
13.32.99.40
139.162.23.100
142.250.184.226
15.197.193.217
151.101.129.55
162.210.196.208
172.217.23.98
178.250.1.11
18.156.42.225
18.66.218.111
184.73.158.115
185.80.39.216
185.86.138.150
185.89.210.90
192.0.77.2
192.0.78.187
192.0.78.244
192.132.33.46
198.47.127.19
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
203.69.60.96
203.69.60.97
203.75.214.136
210.59.219.181
23.37.42.132
2600:9000:2127:ec00:3:1794:2540:93a1
2600:9000:223c:4400:0:e06c:e940:93a1
2600:9000:2261:7e00:1b:5138:8a40:93a1
2606:4700::6810:5914
2606:4700::6810:fc04
2606:4700::6812:19ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2003
2a00:1450:4001:801::2004
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::200a
2a00:1450:4001:806::2003
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::2001
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::9c
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::a
2a02:fa8:8806:12::1370
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
3.120.143.228
3.120.80.42
3.75.62.37
34.102.176.152
34.95.67.231
35.185.130.121
35.185.136.122
35.186.215.140
35.190.0.66
35.190.36.98
35.201.76.93
35.208.216.174
35.227.194.51
35.227.249.156
35.244.196.223
37.157.2.234
52.194.27.77
52.197.12.20
52.95.126.160
54.92.30.56
63.35.200.177
65.9.95.28
65.9.95.63
69.173.144.139
69.173.144.165
69.173.158.64
01346ec6df4731fe9e4747999766f32ede3ea4145e04e3b53313e101f8971fc4
056b1f67d7d178e1695f0aa37d1958e76d5bee7883512141deae9172cc355677
06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c478da78aa856283ebb811de7803f1ab170ac0c5963e8577902aca8e7ab5f85
0d9eedc0f28647bf10e3ad3836102a262527b28dbd9be6cd01f783d7c56733ac
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf
0fc913e461fbd33f43de9417be3481130ab5d496390a2ae7ac0861c100e2a623
0ff89ff2af84556f833f14d3c4e4cf26fbb4d9959a37b13e3c15d2c2959ccf4e
101d9e810c6ee53fddfdeb25b6d9b240adfea4dbc367b116e72b29246b2b007b
107c89290c73e58eb01ef67e23270a260b1e513d646b4ff076a54b20f8d93dc4
112f082e83a90134679472ed38d8f181ae0de5e06a9546667a5789e658dcdfa2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c0a1bb080bd6b09d782c6bd5be0f89b2ee6d64eedc0059acca4741432e3112
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
136194f977cdbf1f48f401ba2ab337033300228a63cb83525be53561a54a5be7
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
16287ad0c36897757c5f02f60fa996492fe1f416df0feea3a5ce9a6acc102b6a
16be4732369bed69d2ddb41d61adf1936cf47cd5f24b986b9769af99ad5bbe83
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62
1ca0ffc56dc082d236e39b5210863e88d7d22cdeaf8284a766a55b6d4a3f0edf
1eff472adf4fd9b969027ff83fa4ce90b4c5e1af000b3417a82c1e35e9c64378
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2f40eec74eadfe630474d2e05285e9c8a8aa47eb1ebef18c176422f11709f3ca
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3018c5284222e82380ec1570f914f544c35e062c4ff9c64e46fdc01695b2b274
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
307fa8a217b5fc574066fdaa24d8496aa73180f3e541c9decb66199f422408fb
30a288f4b8350f8121ceab4313aa78320d3a313c7425136323191ced5b6a0b65
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
33179e1395b37a37fa60835c8a66765a9983934812d222f809bb525f2bf196e4
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
372be0f9a447232d8a9afb84ae5f1550bd4cd94a7ef8eaf5f7335db89050002d
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
37fac3fc1a24f4cf2d427f077d4886dae933b2edb961638b4fbae103acbd8bbf
3951f3697f916eed6db93946c2f199c70e3b000f6cd9735f4e3d6912374db0c0
3b2127035d2f4e955c8bb19372f4be0aad2a9fb006a4e3724180d18e93fc8d99
3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2
3e09a60a81032d9e86aaff6ea702515fdad0fac4f6783f0d7952eb08f48ac827
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4598aacc92f06a61ae939c7190912dc237228d726c0651932b3f2a06ed4faf00
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47250dcf408154fbceeb1718ad679d42ee01e345734af8637d028f5f867bf997
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4badeb12c7400ff525054ea31808928ed9dec45b47489ca6a107e5e8a969da64
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4de20123af1cec055f3f555ca8f632c5f9b4ec425b29506eaa6d229e25eed691
4ec7e2cdfaf63939b2388677506d602546be7d1a21a55e8ab672d34cbe6ea80f
4f1e7c977a8db7d830d597dd66834f6bf605e75cc6360a3687c3279251f812ae
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
504d9582b3198c76614ed775fbab6b93d90c07b2b5b7318a4d62e05e967bfb7e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a0943559c14be29f498e1ac8370feec7474a3ec37420298246ae4de3f24b01
51648fc02147316364663396489b25f808aeab817dd77b927b99d916f19fab13
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5492874e3c4e10a7641831b82f14982d639815b4f2d7cd55c7e641e63b10269f
553ddbc91e8979f8819f421934cdc265d3fe15c6537d0960e0654dfd5966543e
5556169d3f68e64d261b1b13799a57f87d5551dd34700c9f5ab1ff4e402f96de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5c70e89e45d0bde12767049cd6220de98e3d908aea7d2c0d9d218ea9e9cd566e
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6570b1c2cbf3c298c9196fe9dfb39125e29e70ef7ab53d23d8d156ff8c2b8e14
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66af17387128992af4402effee7421b5c6393e3c4b21d398deca36f05c0aae68
67313eca24f0ead69eb27eafccbc0d1c2b264545d2c1f51b527dcbdbbe598a33
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4
6a62c9045ea2f270b225f212f1efd01ac8ca8da43891658c29afebd901b4fd8c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74
6b9d1a803c05b8f9f3275c432ce4b1bc7fdb33c75c2e4ae9f7296210fbfbf89b
6bc473f82b442063229910d27a7c5a9fc996cfd87326d0481fb88f3b3f366e65
6daa21548874dcf34e92f0cde004b016e9ee997735b101667434ebd9882eeee9
6de5be46a81e20d4a819c54794885c99a49e7e34f9c677e1f252b6d655da75df
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
70768ff6639a0398a635a401ab0fe34dd76dff4f39c6311acb3a28bc44632768
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
730e74a4858af4d7e640c546da3c0a3e667ba4678bad42fc7b46b2b5bc41a767
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
75147bcc1a5f043c2772e31ec9fb7eba8afad57d32e69e5d95f6a97a6901c2aa
75297c795593ca3ce17644e50df05b460379d57389a9974aaba810729b399dd1
75f5e7fd34dae79b735a4434f09f26dbbc0dd194f9876d2fec88c614a7774453
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a52a2d6ab809e391e3a1e5eef2dd5a7ac8ae0e01ab0a33faa91bab58354d32c
7d54de0485d977787a80cb49dbeb78edfb7a50ee95b322bb4afa91e5a34ec5d6
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e38a36fa1ddb68d789c195554f0b0bfaa013ae69846b894d0cab2c745dad5d8
80afe9a864ccd78c996f929bda76c6c749c0f2b461051176875a40743a88ed00
812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
865bf5abe9e525943e525628d3b140bddb896d832d9a799d6a9226b35cf2a15e
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
897e9eed81dde63c95ab6318d779c45e19bd9069b0eb6fbf8b29b8d23867e94b
8aa2fd2ba5f420936e45859aa1a7bdd856759604a02f91e1cc67ece7faa7de26
8b70d44dc11ccbbd54f07f0a68caee621c5c590ec42a1181953437cac69725a2
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d2fcc495189430b96578537046dc018a8f35ce50167af818560d1b032c4b201
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
94e925bd92ade69939599fc8c57746eb8426f22692b10a3c1c955d5f14b483ed
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
992c5e398f3092e2be5c546c589c4c5d91c20490e78d2f215f76fe2fc48ef592
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adcc0f056b77e11c767128ee8203df876a2ae0fd42ecbb73ce5fdcb84dc6231
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
9dcb97a68a752b64c7962e23147454a8269d1ff3434d635371f673b26ffbe494
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
9fdb2240fd383c751150db0f6a75fdbb3fdb00a0fc6e7dd4b101be7d7e930a00
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a299de5ae63f860f950ba44ab55437413a7f84ab2ba0bc2e87d294ed5fb641e9
a30fcb91150961c350207b03b274c067c897b0926f9dc924d3ea493c8253f915
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a513eb4b4ea38bf1ed73d218d787d42293c92c108fd205eac2c41978a33157b6
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
abec0a7ba958d701c63d785d845ef3b3b9aeb8d71d878e99b5177ade20ed9e9e
ad41fd3b223238a8c460a8ecf0265a9ab67521cc855247196200a367940b2094
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4
af49b777cedc8c9c382ce04dadca77091f58d8155d6241ec444c581849cd8852
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0286b0878fde57754caf5c939a752cbaf44f4286f6e3a39b0019a6e3f8b2c08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe95090695af280903624fede6db1a0cbd02614b51a6ca4111318559626d86
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
bff1d1b76f5ae485f0a28df155f55673f424e09164b12084a6747f23d7f82c5b
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c09351d1c18c6164a7f46358a8566ccdd73c2b5f3cc78d05a5c2622f092dd309
c1af8482107a39b623534fdda8cf6cf5f68987d4276a4798e5eb1af94a11d5c2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29d5e8e8d0ade78a86cd7350fc5de93d8d3908f9aa2c7e56f8b92ac47e6b715
c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70
c8c6ed661cacbea403ead527bc49607dae2686036f13d443802422183c674675
ca5be5c023fe19e9901cfbca6c0e6822541486cc8d8ebdb045a3cb6335431bb8
cb42e80acfb08ce46a73c5398c4da4215e3bc2f2aeb1f4e0f6547ee8860f37c5
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cc3c2425bac1acfe581d8ce40f1c3bd7650670fee4e6445afe7d4f808898fe02
cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944
d162b29583fee6b44f056b7d9bace4355606fd406549f5a23079432cd21974ee
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
d9a459d4bc882affa0c304c48f3c5f7f40ef14ec9e1807ccf986bf15721347a4
dc64eea41008e0953eb597d829826c65cb9f5a7529a056ae979ef79a6ab13ffe
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
de32b29663bad37d050a2d26d7ca668cf08cd7c80aac07f73504fcebb951d6f6
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e29bdb0686b391e46551abc9587a2880ba03a656ca91c55d33027cec614fadfe
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3693924581f2f8a26851580d27591a29aed6cfdca893c60eb9ae26680c90527
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6127aad40d107c803e95201461953aa11e62b7f1fcca45ad5eebe7457c9c39e
e64da46ace72a8f3464880f0ee884675137c404432ee3685a467d675b3cf18bd
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e985d166bc9935d2b845294e5d1a4581fbc959f905534259d37c497ca543d7e7
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
e9e69e15d6ef8ea1c7a0590b19efa29323f4ba40f3af0bcfc665f1c35ca50c8d
ede20041bf104095302e63753987b35d2b4bd8c1761ca246df8d7350385de315
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ee6def896dc828978474aab389e600ab34a18cac6c83e6f71429217f9390884a
eeb3eb1e187914e1b1c8ab2caa84833623a729d5637ba825cd6843c18d6379d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15d2e8981f25820d430babc74133465517d65836e9375d4d93168e04356a11d
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
f7076a83be6fdb42a2c0e323f691e453c625c595d0fb1cc0965c140c717547b0
f7cf499374cfb2383a6986a2195b4167801dc98421d3fecfb4a86fdd08734a2e
f96af15994eba4cd4920da0ae413fc2d1c75ffca1df1498068d1b0efff8938fe
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851
ff102d71034914f374671e6a221823b3930a72b45a5d9a202d05fceba2e9770c
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5