reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reurl.cc/XV1QXD
Submission Tags: phishing
Submission: On October 14 via api (October 14th 2022, 1:26:01 pm UTC) from US — Scanned from DE

Summary HTTP 306 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 33 domains to perform 306 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 254108.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	35.185.130.121 35.185.130.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
15	13.32.110.16 13.32.110.16	16509 (AMAZON-02) (AMAZON-02)
40	2600:9000:206... 2600:9000:206f:8e00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
32	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
4	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
3	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 6	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
5	2600:9000:205... 2600:9000:2057:8800:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
7	52.198.19.32 52.198.19.32	16509 (AMAZON-02) (AMAZON-02)
8	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
7	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
7	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
11 22	34.96.119.68 34.96.119.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11 11	172.104.121.22 172.104.121.22	63949 (LINODE-AP...) (LINODE-AP Linode)
5	34.117.219.39 34.117.219.39	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	212.82.100.146 212.82.100.146	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:fc04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.244 192.0.78.244	2635 (AUTOMATTIC) (AUTOMATTIC)
1	35.242.224.42 35.242.224.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.0.78.236 192.0.78.236	2635 (AUTOMATTIC) (AUTOMATTIC)
2 7	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 2	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
8	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
6	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
306	53

7 35.185.130.121 (Taipei, Taiwan) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.32.110.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-16.vie50.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2600:9000:206f:8e00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2057:8800:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.198.19.32 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.96.200.41 (Gaithersburg, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.96.119.68 (Kansas City, United States) 11 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.104.121.22 (Tokyo, Japan) 11 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1731-22.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com

fp.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.146 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.242.224.42 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.224.242.35.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.77.3 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.210.196.208 (Rockville, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ff09e735f99011fb9484302dbfe4b294.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
247b4a89a0cf587a097b111c7d55eb0e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 131737 fcm.holmesmind.com — Cisco Umbrella Rank: 143686 c.holmesmind.com — Cisco Umbrella Rank: 104067 adcdn.holmesmind.com — Cisco Umbrella Rank: 132436 ad.holmesmind.com — Cisco Umbrella Rank: 93703 fp.holmesmind.com — Cisco Umbrella Rank: 132976 m.holmesmind.com — Cisco Umbrella Rank: 256990	225 KB
40	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 84153 49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net	29 KB
33	appier.net 22 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 40512 gocm.c.appier.net — Cisco Umbrella Rank: 2273	5 KB
30	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 713 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 420	580 KB
28	scupio.com img.scupio.com — Cisco Umbrella Rank: 85081 bw.scupio.com — Cisco Umbrella Rank: 139779 prebid.scupio.com — Cisco Umbrella Rank: 71395 rec.scupio.com — Cisco Umbrella Rank: 148275	385 KB
23	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 763 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	10 KB
16	googlesyndication.com ff09e735f99011fb9484302dbfe4b294.safeframe.googlesyndication.com 247b4a89a0cf587a097b111c7d55eb0e.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	110 KB
14	aralego.com 2 redirects hb.aralego.com — Cisco Umbrella Rank: 18600 sync.aralego.com — Cisco Umbrella Rank: 2910 ads.aralego.com — Cisco Umbrella Rank: 28151	4 KB
13	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188	417 KB
9	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929 eus.rubiconproject.com — Cisco Umbrella Rank: 596 token.rubiconproject.com — Cisco Umbrella Rank: 682 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 32248	22 KB
8	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	272 KB
7	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18573	1 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	28 KB
7	reurl.cc 1 redirects reurl.cc — Cisco Umbrella Rank: 254108	6 KB
6	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 8566	89 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6045 adservice.google.de — Cisco Umbrella Rank: 8724	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	yahoo.com ads.yap.yahoo.com — Cisco Umbrella Rank: 9524 geo.yahoo.com — Cisco Umbrella Rank: 1432	923 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306	67 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	34 KB
2	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 101776	11 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	57 KB
1	alphaloan.co blog.alphaloan.co	133 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5285	1 MB
1	racingcharger.tw img.racingcharger.tw	435 KB
1	rayskyinvest.com www.rayskyinvest.com	61 KB
1	creditcards.com.tw creditcards.com.tw	136 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 2976	109 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 469914	63 KB
1	gbyhn.com.tw img.gbyhn.com.tw	111 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 494	30 KB
1	re-news.tw storage.re-news.tw	6 KB
306	33

	Domain	Requested by
40	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
32	t.ssp.hinet.net	reurl.cc cdn.holmesmind.com t.ssp.hinet.net
28	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
22	ad2.apx.appier.net	11 redirects reurl.cc
15	img.scupio.com	reurl.cc img.scupio.com
12	bidder.criteo.com	img.scupio.com static.criteo.net
11	gocm.c.appier.net	11 redirects
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	sync.aralego.com	img.scupio.com ads.aralego.com reurl.cc
8	static.criteo.net	cdn.holmesmind.com img.scupio.com static.criteo.net
7	gum.criteo.com	2 redirects static.criteo.net
7	prebid-asia.creativecdn.com	img.scupio.com cdn.holmesmind.com
7	prebid.scupio.com	img.scupio.com cdn.holmesmind.com
7	ad.holmesmind.com	cdn.holmesmind.com img.scupio.com
7	www.facebook.com	reurl.cc static.xx.fbcdn.net img.scupio.com
7	reurl.cc	1 redirects reurl.cc
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
6	cdn.aralego.net	reurl.cc ads.aralego.com
6	cm.g.doubleclick.net	6 redirects
6	c.holmesmind.com	1 redirects cdn.holmesmind.com reurl.cc
5	49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net	reurl.cc t.ssp.hinet.net
5	fp.holmesmind.com	cdn.holmesmind.com
5	adcdn.holmesmind.com	cdn.holmesmind.com
4	mug.criteo.com	reurl.cc
4	ads.aralego.com	2 redirects ads.aralego.com
4	eus.rubiconproject.com	reurl.cc eus.rubiconproject.com
4	bw.scupio.com	img.scupio.com ajax.googleapis.com
3	dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net reurl.cc
3	www.google.com	reurl.cc tpc.googlesyndication.com
3	fcm.holmesmind.com	cdn.holmesmind.com
3	www.google-analytics.com	reurl.cc www.google-analytics.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	token.rubiconproject.com	eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	rec.scupio.com	img.scupio.com
2	m.holmesmind.com	cdn.holmesmind.com
2	hb.aralego.com	img.scupio.com
2	ajax.googleapis.com	img.scupio.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	connect.facebook.net	reurl.cc connect.facebook.net
2	ad.sitemaji.com	reurl.cc ad.sitemaji.com
2	cdn.jsdelivr.net	reurl.cc
1	247b4a89a0cf587a097b111c7d55eb0e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ff09e735f99011fb9484302dbfe4b294.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	blog.alphaloan.co	reurl.cc
1	static.wixstatic.com	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	creditcards.com.tw	reurl.cc
1	i0.wp.com	reurl.cc
1	mma.prnasia.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	geo.yahoo.com	reurl.cc
1	ads.yap.yahoo.com	s.yimg.com
1	www.google.de	reurl.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	s.yimg.com	ad.sitemaji.com
1	storage.re-news.tw	reurl.cc
306	61

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2022-09-23` - `2022-12-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
feebee.com.tw R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-23` - `2022-10-21`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-05` - `2022-10-26`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
m.yap.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-07-05` - `2022-12-28`	6 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-07-12` - `2023-01-04`	6 months	crt.sh
*.gbyhn.com.tw E1	`2022-10-02` - `2022-12-31`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
tls.automattic.com R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.rayskyinvest.com R3	`2022-09-10` - `2022-12-09`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-30` - `2022-10-27`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 44 frames:

Primary Page: https://reurl.cc/XV1QXD
Frame ID: 7ADDC261891A0BBBC634F3C69880B8B7
Requests: 39 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 5695C47AF164E2AEE761B579EB945BD5
Requests: 36 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: FF4D7C40FD43A14642757CD8AFA89CB4
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 163A408EE2E9424A058A27E4EDFFA805
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 2A2708108B142BD5522A1123C28C3D76
Requests: 25 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 72CAF67F7A52C5A2EAD02446C41BFA3D
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: A8223F0C7F769BA5B9FD222EE7184BD0
Requests: 21 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 2E79EC2FC498B7AB551E69DB0D46A596
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 0B7FA9398797D8245BFC6AB856521DDC
Requests: 16 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: A73851FF58104863D984A9D5D5B0EF68
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Frame ID: 47A88088F8EACE6A739DB865006B8A35
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Frame ID: 771B3FC24DBAEEC7A2C735FA7500A3C3
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Frame ID: B8C5DD2C0432202AB30A6008FAE1DB4B
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 74033A0607133FA671E832329D63146D
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 279AA2C6733DC7A7983B5E96D83011B3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 9043E1443F54A59746B300495A0E8D67
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 2D4BDEAA3568864BA8B2BFBBA3481246
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: EF8E8052352D84AFBB1AEB852842C2CD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: BD3B9989C2D148024EB79520F1DA7672
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: AD4451AB51D928674DDE8BA6F24262EB
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 0FD7EB363D53D9FA293A97A29D0D92DA
Requests: 21 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 4364C00B91C92CA3BB0D5F248001AA42
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 5A0A1E9F0FF9C2BD1FA0E2F757D5716E
Requests: 19 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 734D9CB31493BAA3F341B7518F67BBA8
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 1963D44B2631021DB9EA7CAED82EB7D2
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Frame ID: B1755BC897806EFF36186666CDB198AB
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Frame ID: 551EE14EB29221CD1991839DDE847DCC
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: CDC93C6CE5D70A843307578B2A1E7244
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0
Frame ID: 131A9F00636CF8A2C5011FF6CC4F0632
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: D6C5FB4B3883E02D4B7F99D347F957F7
Requests: 4 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 9A9BE1AE347DD00082CB7D6AE4DE68EB
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0
Frame ID: 13F5D3079524452346030FA661E01F55
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: E355224B0DCE2ABDD6F771E7013BC643
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 26FB51CC367355339A50CA66C5E9FDBD
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: AFA182C6FFD371824C598C576AFB68BC
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 617D54D1ECD4C64DD107DFA39E0B205C
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 546C4627D0C0F89F39623B5A92FF4D14
Requests: 9 HTTP requests in this frame

Frame: https://ff09e735f99011fb9484302dbfe4b294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: D71CBF371CDE95758C3F1066BB899E7E
Requests: 1 HTTP requests in this frame

Frame: https://247b4a89a0cf587a097b111c7d55eb0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 203AFEBC21ABF4D21CDA5ED81CDE45D8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: CE8697AD546CC3E5FF358E10C95EC46C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C633CF548888D41619E444F20B915538
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4BADABDC7AC3BAF75E64FAEAE2BAC6D8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 74ACDF360DB33D041172A5D2D1695312
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D6ED6EDADFFED191252B4BA050D21EA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ING

Page URL History Show full URLs

https://reurl.cc/XV1QXD/ HTTP 301
https://reurl.cc/XV1QXD Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

306
Requests

93 %
HTTPS

42 %
IPv6

33
Domains

61
Subdomains

53
IPs

9
Countries

4887 kB
Transfer

8685 kB
Size

30
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/43470

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/3901475_XG01475_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/8712

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/229661

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/86925

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/32679

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/633ea78692f485e40570dc9d

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/25070

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://reurl.cc/XV1QXD/ HTTP 301
https://reurl.cc/XV1QXD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 109

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=VoeMhKlHALSpJYcmY2NJYw

Request Chain 112

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=7lSURMwuCeq7YLSdY2NJYw

Request Chain 139

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=-xbngQo-DUi8WNX6Y2NJYw

Request Chain 140

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=0RE18tkCB3SdqF1KZGNJYw

Request Chain 141

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=UE-5McR5Bvq8NDxmY2NJYw

Request Chain 142

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=ggHuLeehBw-qzVGmZGNJYw

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_gid=CAESEHytxRZFk4F8do2r4XEgOHI&google_cver=1

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_gid=CAESEGomNnM5s0SLmzPfTeaC-jY&google_cver=1

Request Chain 202

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=eUzdcwsDDvu6YUlPZGNJYw

Request Chain 203

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=XPGWMYJ1DfyTTOBtZGNJYw

Request Chain 205

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=Q3J-cbEyDXyBjd4PZGNJYw

Request Chain 207

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=qDXbhI_YCVSM1XVXZGNJYw

Request Chain 208

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=3NjybqqjCk2_ZvB6ZGNJYw

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0hBMjAyMjEwMTQyMTI1NTY2MDc2NTM%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0

Request Chain 237

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1NBMjAyMjEwMTQyMTI1NTcyNjAyNTY%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0

Request Chain 245

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 248

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 249

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 273

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=bimSPHxtSzMwYlBnSFp2WlgxMGtRWk50M2dpbUZxZVJmWGZ2SXNRNXNxR2VnZHNSVjZZWGFGd0kwZ3doSktCRFZXYlZ4YnF5NzEwL0UxaWlIZ0JudkdIZUIvNUdyMnhYdWdsb0wwQWljZ1c0QXN2OUtQcHhKdmwwWU13N0FwdlJTRnYxR2VNZE53RWFOTFM1SlRyYU1GUTZqVFpIaDZaMkR4eW84ajh1c2NBY211VUVsdkwzanZMYW5xZkIybE9KRzBYZVd4Z1pOTHhGYnh3TDErbGtqaFludWpZT25sSVdHWElPQk5MUTdCOFpjai90bzFqRzBsTDNEL2o5QlFyUUtiYmE5cE5ZT0tYWUNGZ2FMYzJ6MnJSNk5SNkZZT2w3czNkQldKdG0wYnNISjZBST18&cppv=2

Request Chain 299

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=qRNCXXw2cm5YL2tRclZ5RnZ4N3YxVjVkOFFaWWMrc3VwUnd6WG9mSU9YZWl6OUhxMmU5em9vTzJjSXZLRVI1clJna3RBL1ZHQjNzQVNERXZFd3NhVEJSaGJucHozdisydFppYTdPa1czUnN3QUxyWFZaQVBwWE9PNHV4RE91cE44aGZyT3VrL2RNQUo1KzRsTWpGNTFLb0NVVW5WUXBkVXB4QjBUeDBjNVhaWFljeGlVb3JQVnFJMXNaaEp2Rml3V1R2NElsNVVvN3hOVGNxaXRldkZGVWI1ajZDRFRGZGFXSEZWeEM5R1BvK0VhNDdHZjhzOTBmWTNsclp5R056TEQ1bnVyaVhqWUhiQU1IQkU0NnZwQ3pqYzJBRDMrSHR4UFNSSGlBM0Roaml0QXZBZz18&cppv=2

306 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request XV1QXD Show response
reurl.cc/
Redirect Chain

https://reurl.cc/XV1QXD/
https://reurl.cc/XV1QXD

7 KB
3 KB

256ms
255ms

Document
text/html

35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9d40170d7d8a358119bd1d17ac95e9f1832114b4123629090737e9e02d323429

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:53 GMT
server: nginx/1.18.0 (Ubuntu)
target: https://mustardinkstudios.com/wp-content/plugins/wp/
vary: Accept-Encoding

Redirect headers

content-length: 42
content-type: text/html; charset=utf-8
date: Fri, 14 Oct 2022 13:25:53 GMT
location: /XV1QXD
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
24 KB 91ms
49ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9785464
x-jsd-version: 4.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA, cache-iad-kiad7000030-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGrld%2Bd7X8VUgU%2BjF7hk1%2BbcqlTfe9b6yy5DM%2BHkf%2BBgClJxOxYG48DkE3FCwXe3yK8RLWt33upwV8GLWMzNKNP2qfsHrMq4RM2jIK15X9L4Py9%2BvClJtJk1tJ5goC3PySJ2qQXKnv%2BBGAv1RQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75a0a4c3ca33bbe5-FRA

GET
H2 200 style.css
reurl.cc/stylesheets/rwd/ 2 KB
1 KB 254ms
253ms Stylesheet
text/css 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/XV1QXD
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-9f6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Sat, 14 Oct 2023 13:25:53 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 256ms
255ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/XV1QXD
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 14 Oct 2023 13:25:53 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
2 KB 1901ms
309ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:55 GMT

GET
H2 200 ysm_reurl.js Show response
ad.sitemaji.com/ 17 KB
6 KB 70ms
20ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_reurl.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 06:15:19 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 25835
etag: W/"5d0b4850-4488"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5880
expires: Sat, 15 Oct 2022 06:15:19 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 76 KB
23 KB 176ms
36ms Script
application/javascript 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:23:54 GMT
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 02:16:55 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 155
etag: W/"6327d117-12f95"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-id: stqasc3NxARAtnynmcTlwdrvjx1heZplwPDn0AdK7ndqHqJ1RMtehA==
expires: Fri, 14 Oct 2022 13:38:19 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 6 KB
7 KB 159ms
25ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: BMMyOag_-nwvO8_5CzvM0VkgP4Sf1VvgT-0k6jupRfa335nv4Jjx9w==

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 88ms
47ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9782772
x-jsd-version: 2.5.16
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19132-FRA, cache-cdg20762-CDG
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHGSzNQ7YYlmSP1uyNCS%2FAeAFaR6Bh%2FbeM%2BC4j57lFF6VcC884DC3zlEcgGMUj9JLxtgcrgz5t9l%2B1DDMpkx0ixdxlzF2gd%2FgeHYv2g%2F94AodLbim3Ov%2B8rfm%2F%2FZlIKiNFR%2BpGnngG9lxQtpOwM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75a0a4c3ca41bbe5-FRA

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 412 B
493 B 257ms
257ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/XV1QXD
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-19c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 14 Oct 2023 13:25:53 GMT

GET
H2 200 loading.js Show response
reurl.cc/javascripts/ 134 B
339 B 259ms
258ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/XV1QXD
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 14 Oct 2023 13:25:53 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 536 B
550 B 260ms
260ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/XV1QXD
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-218"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 14 Oct 2023 13:25:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 65ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 13:25:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26852
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 1XDou48aSy0xYn7wAAyZVSzv7hW8xI0xmf67giNo5gB+2ic6kDC+gmeoekDpbOWVbvhhhLetf6+OoS8w/Z/8eQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 5695 99 KB
26 KB 158ms
115ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1898f9dc0d1a98c1664c9cb907d413db6308947cd1a90fc30522121407296af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 14 Oct 2022 13:25:54 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: l4wdmugGIbr2QUmQO0SJHDeBFMOdx03OrXSBVOp3m2VNibn9bIGMn1i7yduyVjMQS99l00v+0hRWppbKKyeu0w==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 6 KB
6 KB 842ms
296ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 495eec93b637fe3aa868998c1b0969fe95abaf838e55ded068b407cc898cdbfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"190e-olko+bIyAQW12TXMxLrNMt6YS6o"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6414

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 13:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 597
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 14 Oct 2022 15:15:57 GMT

GET
H2 200 reurl_passback.js Show response
ad.sitemaji.com/native/ Frame FF4D 15 KB
5 KB 22ms
22ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 01:00:06 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 29 Aug 2019 10:21:10 GMT
server: nginx/1.12.1 (Ubuntu)
age: 44748
etag: W/"5d67a716-3bbe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5256
expires: Sat, 15 Oct 2022 01:00:06 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20148056bcdde5d98665843a4c47b0d6cf3403f043265030acc58bc36d8e1b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 13:25:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7345
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uBMRVkSxvbClDtIIjV0z23xMkGekRXTeS/1LYtW6ThMidbka9T8oi4vS6jh4bEwX8P/kUxILxe2QWwAqWQxsgg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame FF4D 78 KB
30 KB 514ms
35ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: K3GBN73AVAGKP80Q
age: 180
x-amz-server-side-encryption: AES256
x-amz-id-2: dSntjFkC8QtYYA75lAxg1KA0229IHGRdSPYiW8qhkr4qxlStZ8UbkT5ScYJBaBmTTuhctW9NXHU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 12:02:57 GMT
server: ATS
etag: "7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 69ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2099657260&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FXV1QXD&ul=en-us&de=UTF-8&dt=ING&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1099672175&gjid=108473718&cid=1639071381.1665753954&tid=UA-102456694-1&_gid=180409045.1665753954&_r=1&_slc=1&z=1560095230

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
20ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2099657260&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FXV1QXD&ul=en-us&de=UTF-8&dt=ING&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MjE3LjExNC4yMTguMjc&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1639071381.1665753954&tid=UA-102456694-1&_gid=180409045.1665753954&z=1681005569

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 14:04:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84111
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 20ms
20ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FXV1QXD&rl=&if=false&ts=1665753954232&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1665753954231.1076959687&it=1665753954190&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 13:25:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 163A 5 KB
5 KB 22ms
21ms Document
text/html 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23
content-length: 4730
content-type: text/html
date: Fri, 14 Oct 2022 13:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-id: oNtVPHiTDJ82qn57JftEKELxch7Sb8S1N2elLoN27UXUh7Lk-_MJoQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1012 B 23ms
23ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: Et36vFS1es99VtDeFlKBAdxmLSsP-Lkci7uDQbpMMOJdLXn7iWGD5w==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 2A27 9 KB
10 KB 26ms
25ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: 5neiIDGW_fo53PJ_4jmvlEmFWIIHpE1jnpDg0oMKnEPCqpnGmIGm1A==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 72CA 9 KB
10 KB 22ms
21ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: n2-V5AzSxX9acjmJMIp4f6HAsgFBL7cWJAB1xBniYH-DWY6yxwqiFQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame A822 9 KB
10 KB 22ms
22ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: cI8Iy3XwObbj9u7f9DhMTk0sXV_xsnZ4HL2rC2XuGdTFZiBn8njECw==

GET
H2 200 c0CCYp5loCt.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/ Frame 5695 18 KB
5 KB 53ms
49ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/c0CCYp5loCt.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd70d83d9ec79862ef95ad384283c5a856bc0c282724291e7f46541f4a523381

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G5PJhBXAls/xqDPL3HHZKQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4645
x-fb-rlafr: 0
x-fb-debug: 8uNkO23KLwjInQIfHFs28hK9xkJqHZEAx1s0MWrCbYCk6xtcVhfgytOElbMqYDIMkldg6x9jQVaHn+zCy7av9w==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Oct 2023 17:47:24 GMT

GET
H2 200 4_8X-2u0CDc.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ Frame 5695 2 KB
1 KB 26ms
22ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9acfed27c48bed8ca914e0e37f67b2f1da363144e2929ef83279a704e3c94414

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KZc887Dvnxb+Me2YGy9lcw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 827
x-fb-rlafr: 0
x-fb-debug: cNAlZPMPzcSsrqgtLfXjZezXUy4GRKVIWxTkDK+4dem8gbl70I+3fxPYVNlNLMU7s27KWuQJwq7bX1eaFUlTYg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 04 Oct 2023 21:23:50 GMT

GET
H2 200 SXPfxAVa0rJ.css
static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/ Frame 5695 33 KB
6 KB 53ms
49ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/SXPfxAVa0rJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42773f46a67bdf5fe56d587858f6de72a15b737cc3e886650a84d52ad03206a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6sTs0WZ3KysQLT23uq+H9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6351
x-fb-rlafr: 0
x-fb-debug: pZD/8FThcgrEy2q/Hgq9z+rflyOLBU2rirswUnTggFPd3cxXOioLNaKogNbqCm5gS5B+9bo7CDBLiYw69xxZ/A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:31:12 GMT

GET
H2 200 djVIliQkxVH.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ Frame 5695 17 KB
5 KB 53ms
49ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/djVIliQkxVH.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d636da1b7179999d5693d06c19c98ddca6d29440ce33ce5b5d95894cd964a764

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YyBJvbamfskP1DxoUVTW7A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4554
x-fb-rlafr: 0
x-fb-debug: I43PFemycjRLl705gMakzF1psIbvp30T5l+ky+WnJmg+fz1rJibwaYrRVvQgrteqECBwV1kNEiNExU8qMFGKyQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 09 Oct 2023 16:08:58 GMT

GET
H2 200 9csz9isadFR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 5695 346 KB
93 KB 53ms
50ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/9csz9isadFR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9f2503399472bac7925ee09d716a23a824634bab7ed8b0c091dc5946c71176c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qVJIOS2eJOYMaURNxosJ6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 95252
x-fb-rlafr: 0
x-fb-debug: C1sYctBVI0BnOOhrZ2BkHmPY/OndmPZP7ZYpFn9rr6K8CrqHAiUvGag4sSoiOgakObruhNJQUwfY+inw2inaVA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 12 Oct 2023 08:34:40 GMT

GET
H2 200 FGasx_8C7gf.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 5695 38 KB
12 KB 26ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/FGasx_8C7gf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41b2c8c215be5020e756d8dde6c738ba98ca3a167266a4f708fbb02299771d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TPH8wCpe+btQJshugd6Gtw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12272
x-fb-rlafr: 0
x-fb-debug: nOA5nqgN1tYtnE+kA95V3kttugzZmh1ufGKyQ68/btnacYv1DLrB53qxhIfSCWa/921C8lkCTAqEFQcrE3EF2g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Oct 2023 07:25:14 GMT

GET
H2 200 5I68SGTEBGz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame 5695 51 KB
16 KB 84ms
81ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/5I68SGTEBGz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5fc80af241aec02acf796b66c39027b469e8b54fd30519bb773908d3cd1f600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QjaAwCelpsv7iT4ru+X7MA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 16192
x-fb-rlafr: 0
x-fb-debug: p0IOtbipf2bRa3oQ5TfshVTKbnu764I0LPkXsnj/3WxIxeRhZPzx6XSNqSOarxcSyvp119zwmlB0avPbp6opkg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Oct 2023 04:48:28 GMT

GET
H2 200 hPZIPTPHqCo.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 5695 21 KB
7 KB 83ms
80ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/hPZIPTPHqCo.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b34e990bcdb512549b66a8703674635168434d960dd725e90285889f1336759e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BWIH4To21LUz9RX2gJ76+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7126
x-fb-rlafr: 0
x-fb-debug: S5Ohlpgjd7y6mlFPAdRfBy9yd7UmqTEW0s791GXyb3ilODsLXLiDqej3QT9LJ0vzojsi28QG2QIjj3vkG6ZZqg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 13 Oct 2023 17:21:02 GMT

GET
H2 200 iKOdrVwIJO6.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 5695 26 KB
8 KB 81ms
78ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/iKOdrVwIJO6.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d295ad9799d17401cc653b47a5c27bd046fe89512861221f1bc6b6738d31a060

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ACqcir3ClHkUNdXTCpvPCg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 8427
x-fb-rlafr: 0
x-fb-debug: KDEnm4es30E2t6YZqUJU7B35H5O1A7dt3iD/eJHTDDsxGRJbLd3D06jItkBdbm801xAbdQfc2HAxKwNbpzhBbg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Oct 2023 17:21:02 GMT

GET
H2 200 dmtE6195c4_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 5695 18 KB
6 KB 80ms
78ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/dmtE6195c4_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27ddc909a924fa13e1c92c061f1efc24eb5851a8679a49b6d1cbf5b52a30bb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NkD8cYDASlJU1GEhNvFoig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5804
x-fb-rlafr: 0
x-fb-debug: 0KDsGqkDbta7YSTJMQvxWiiwcCGd1RghjcJHzZP0EvsoOs+2rDpF+aiZDQVdKikQrWBXssyAom1x4F3oAzMY+A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Oct 2023 17:21:02 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 5695 588 B
531 B 77ms
74ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dvWT6EJnf3PNCgYjKHSyww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 338
x-fb-rlafr: 0
x-fb-debug: lnI8PyvKbIUgmqg0kxw4Lqszn4Bpvwy0WUVqktwO+nFxfnEPfc2Lhznab72Srsqcv7RFgx2GK+pR4penA1xR3w==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Oct 2023 15:35:31 GMT

GET
H2 200 UQf8KwbqJif.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2aq4/yX/l/de_DE/ Frame 5695 25 KB
7 KB 26ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2aq4/yX/l/de_DE/UQf8KwbqJif.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

506d315d02544f0d8269f294f2da7d047af707dcd41db86012ca90dc1b4f78c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3npe0GkJmZlCzbg9uyZ0Kg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7101
x-fb-rlafr: 0
x-fb-debug: 77VORXrHwEoKenSgTSq28mxa45oNLSh34o0o4dovge03ve9CyGmL6Wb7YOwpdBcxbPZaRAbYvdFtcxh5uLn3ug==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Oct 2023 17:36:02 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 5695 5 KB
2 KB 26ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: NoHMQI8nlRIqoKYzQlBDjVjmnenckToBkVshQWKWSNzoN+8RuQEDJ2gh/63+3dXk2e7Zrr+bmod2lhVUXDSezg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 01 Oct 2023 03:39:26 GMT

GET
H2 200 I52F_owkvX4.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/ Frame 5695 83 KB
23 KB 25ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

211d6dc20d58202a8270f43f611dcbb34b14f7dd96cd8f2a8cdb6b85c28cf3e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: d2HI/xcx71WEBU04RmusEQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23362
x-fb-rlafr: 0
x-fb-debug: g5NxJ6GXUSkBYIUQp18vdr50VP/4XRBqc2t8Ke1nZYnkLs4IC9ke0ymp6UyK2CRju9F+8R27DCURCGC+sTLhrQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 13 Oct 2023 17:36:02 GMT

GET
H2 200 oDVETVg4GJv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 5695 22 KB
7 KB 78ms
76ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0bpo8UawH0rvYNearbkm6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7236
x-fb-rlafr: 0
x-fb-debug: iZZA/zO+QeZMm2b2U3g6ir+yVZmk0N/89YpQixhJChDTJQoGM/Xd3mu0DolWUYgb0y+v1hJbZmYcvzmh1brk4A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 01 Oct 2023 11:25:26 GMT

GET
H2 200 HIpG-zMFMaC.js Show response
static.xx.fbcdn.net/rsrc.php/v3iiuU4/yO/l/de_DE/ Frame 5695 336 KB
79 KB 25ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iiuU4/yO/l/de_DE/HIpG-zMFMaC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

064b872dc62ac586dbb1c7c9c9d01b292df105e4d2f6ae624808f15eb300a140

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xx6E0JW2i75QdqHU53eL3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 80487
x-fb-rlafr: 0
x-fb-debug: QyLsgISpNITePM3SqSbyCw/f53wKg2/tlDxMX9WKy8A3R3dtMZGczuR1B1qrkRQj1ivjn77utjUFK0/ROacVBg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 10 Oct 2023 19:40:59 GMT

GET
H2 200 fYcoadLKcqx.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 5695 73 KB
19 KB 77ms
75ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/fYcoadLKcqx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05d7b718b14633236a482ade1982ae74c25d2cfe73a43ca3e39840f6f093d71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dnL8k+yw6LQd3AQoGk2E4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 19181
x-fb-rlafr: 0
x-fb-debug: zUMGpy0ysz3HHKlOfrbHz4ZIlQ1Oae/YQ74CoUUv327NBkqe9VUqT2Ijba/Sfuc8bRgfD6/tp6zmSBz5oNZcEw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 13 Oct 2023 17:21:02 GMT

GET
H2 200 XOGLqtK6SbW.js Show response
static.xx.fbcdn.net/rsrc.php/v3iMqR4/yq/l/de_DE/ Frame 5695 155 KB
41 KB 78ms
76ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iMqR4/yq/l/de_DE/XOGLqtK6SbW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55cea37ba4b4a7545b294b34cfc82339b661f891fcd64c246e3342ad0f7a57c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: woPTmoM4f5w07qV6SDEBuw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 42146
x-fb-rlafr: 0
x-fb-debug: pQD7Zw6IRHGj4oGfeQrVkfgRKpBHeZCQTplmtm8vlzNMFNIqgtDOO7cop3byb6pVfWC7uWsORLuW9HEYuGUqHA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 13 Oct 2023 17:36:02 GMT

GET
H2 200 tWToR-gOAEL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 5695 210 KB
47 KB 77ms
75ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/tWToR-gOAEL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8274947f071c5bd9734c5e970df088e184c8f463ca9b72688b43eaeab2d635fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ASs/HK9M2wJ3ULde+FyQGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 47802
x-fb-rlafr: 0
x-fb-debug: 7OKXXG3y9AnwXwVlC299uHK41zCNLGMo1cHpwpXK9yt1kzabqa0XlmfRivWsfrYByDINBbnoQcGWpnjZ0mOMuw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 13 Oct 2023 17:21:02 GMT

GET
H2 200 ehi71tw9UIC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 5695 22 KB
8 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/ehi71tw9UIC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49712020cdf04c0161b3c7d60d9fa6c073388f2ef009bbad6c5edcf123fa707a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 813e0p2VQavjAMRiz8/G8g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7562
x-fb-rlafr: 0
x-fb-debug: sMLFbJCWVEaReR/TekEbT5ORclUKtQmR/ypScZJPye/Vf1g4MyVgwSKCj13Vp9313x00PxXFyKTBbr2AkOQeDA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 13 Oct 2023 17:21:02 GMT

GET
H2 200 FLvtonlSna1.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 5695 55 KB
15 KB 78ms
76ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/FLvtonlSna1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4majzMI5X7y53cPlzz/opA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15209
x-fb-rlafr: 0
x-fb-debug: qTIAaFeOKcQ+yAjIYom5BEsJBYprTcpJw2iktl4o4KtD8gflNcViXwPF34pnU9cbCfnjhUqNf7HLIX5JNk91Xg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 01 Oct 2023 00:51:19 GMT

GET
H2 200 17229.json Show response
img.scupio.com/js/config/ 461 B
870 B 135ms
49ms XHR
application/json 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b089858662086aaf29d4f37d5cbd92faf267e7f9db55d13df5ec21229d2eb1b0

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 232
x-cache: Hit from cloudfront
content-length: 461
last-modified: Fri, 14 Oct 2022 02:20:47 GMT
server: nginx/1.12.1
etag: "6348c77f-1cd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: DaGjftwKaKeVBBBgHVf5Ud_q-DQ_44ZWFzXEv7oC0nC7TGQuXWaAhQ==
expires: Fri, 14 Oct 2022 16:22:02 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1506ms
298ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.7357956983745104
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 14 Oct 2022 13:25:55 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 2E79 83 KB
22 KB 37ms
37ms Document
text/html 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.65
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 797
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 14 Oct 2022 13:12:54 GMT
etag: W/"62fdf772-14d93"
expires: Sun, 13 Nov 2022 13:12:37 GMT
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
x-amz-cf-id: sHHwnajfotH3-8zF_dufyAGymEuV6TL02L-tffichV9vVq64XNKxzg==
x-amz-cf-pop: VIE50-C2
x-cache: Hit from cloudfront

GET
H2 200 17253.json Show response
img.scupio.com/js/config/ 461 B
853 B 126ms
48ms XHR
application/json 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b1cbb0a3fc338c889779e2fb023e61a1e039d238f5e42b3920413c83a0e3b71a

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:22:57 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
last-modified: Fri, 14 Oct 2022 02:20:48 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 177
etag: "6348c780-1cd"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 461
x-amz-cf-id: USK1BO08_D7zRGgFh5NN07_lxDhNHXBc_ZkBj7knbwh9zXO2jzWtIg==
expires: Fri, 14 Oct 2022 16:22:57 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1510ms
299ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.6125112462777706
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 14 Oct 2022 13:25:55 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 0B7F 83 KB
22 KB 41ms
41ms Document
text/html 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.65
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 797
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 14 Oct 2022 13:12:54 GMT
etag: W/"62fdf772-14d93"
expires: Sun, 13 Nov 2022 13:12:37 GMT
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
x-amz-cf-id: RPdKi4_Mmoo7_uStlmfObTZYYC8oHQyklYiYYHLboCIXUGk_OSZTig==
x-amz-cf-pop: VIE50-C2
x-cache: Hit from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 103ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-102456694-1&cid=1639071381.1665753954&jid=1099672175&gjid=108473718&_gid=180409045.1665753954&_u=IEBAAEAAAAAAACAAI~&z=566775756

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Oct 2022 13:25:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame A738 39 B
191 B 188ms
119ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:54 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 163A 5 KB
2 KB 1681ms
310ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:55 GMT

GET
H3

200

cm
c.holmesmind.com/ Frame 163A
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

174ms
133ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 269546106_682875953118913_5806549178849375890_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 5695 18 KB
18 KB 22ms
21ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/269546106_682875953118913_5806549178849375890_n.jpg?stp=dst-jpg_s350x350&_nc_cat=106&ccb=1-7&_nc_sid=dd9801&_nc_ohc=IDlhf8V5V4sAX_SyFcz&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AT_4PS7dRSRT6lmqMcNVl1TJw_IfZ7VOY9zVtsN7hr66XA&oe=634E600C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 571da35bdddda7ec4fccd594181c04e2c5db4285be67907abea45daad789ebf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-haystack-needlechecksum: 2787905246
date: Fri, 14 Oct 2022 13:25:54 GMT
x-fb-trip-id: 917726464
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 24 Dec 2021 06:59:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3014635661
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 250743086
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 18831

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 5695 1 KB
2 KB 21ms
20ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=YtPTnhN78uAAX93Jsvk&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AT-CAgKuPr6Xb9l0hC3jSHFGdj2hG8Iv5P1Uadvy9Yx1VA&oe=634E8F15
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-haystack-needlechecksum: 760809244
date: Fri, 14 Oct 2022 13:25:54 GMT
x-fb-trip-id: 917726464
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1345

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 2A27 756 B
689 B 135ms
25ms Script
text/html 2600:9000:2057:8800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:18:49 GMT
content-encoding: gzip
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 425
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: 5ZLVR7YN46Y37WAlycsGjEeYwQbX0orrC3__fXs6VU6t75Ra6Z30NA==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 72CA 575 B
643 B 134ms
25ms Script
text/html 2600:9000:2057:8800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:18:49 GMT
content-encoding: gzip
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 425
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: dyzx01nHl59mDdxqDk0J89ZFNY8Cp3ttUNFGyiBY0AZCtEls72LHmA==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame A822 760 B
691 B 133ms
26ms Script
text/html 2600:9000:2057:8800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13848
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8f85e51a2f3c094fe6816857f185ca3f81647b4a74c6b06dd0df82e1d7455771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:22:48 GMT
content-encoding: gzip
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 186
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: SixD3C9glQkV5cthYgHTQd8d9o7fBAQIGttqik7IbZiCx69ZHqY_Dg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 2E79 95 KB
34 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 04:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 04:24:46 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 2E79 236 KB
83 KB 38ms
37ms Script
application/javascript 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:21:12 GMT
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 295
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: kXbmnl4R_y0lReNCcLlgK9a0vspYH04VMM3N_A0DD-bSt6J5CWyKrQ==
expires: Sun, 13 Nov 2022 13:20:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 0B7F 95 KB
33 KB 69ms
40ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 04:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 04:24:46 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 0B7F 236 KB
83 KB 47ms
34ms Script
application/javascript 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:21:12 GMT
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 295
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: CTNCjSJ2GRonPwqAiBFi8hSC7rD8tM66GSB-qysni57j10pHXrXEPw==
expires: Sun, 13 Nov 2022 13:20:59 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 108ms
58ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=1639071381.1665753954&jid=1099672175&_u=IEBAAEAAAAAAACAAI~&z=39930700

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 114ms
58ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=1639071381.1665753954&jid=1099672175&_u=IEBAAEAAAAAAACAAI~&z=39930700

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 5695 573 B
628 B 19ms
19ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/c0CCYp5loCt.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/c0CCYp5loCt.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: eqJ02I60kecGdrEMxBdIPfCMH+R/0qx715HoEZ7+BI0qSimr4DUZtde66tGQtp4FGGZqEg8z3eXh8pcMi4UdKA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Oct 2023 00:50:13 GMT

GET
H3 200 -a5s-xpqOxO.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 5695 160 KB
47 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/-a5s-xpqOxO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/9csz9isadFR.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c1285a4ac2eadeaeb1861f7863adb0a97a0a601308d4247e7e81fd79fc611e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iNoBd4sMqv7uZxE7a8rNPg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 47814
x-fb-rlafr: 0
x-fb-debug: SCX3plWbIvXLRy0YhSPScy63IGIxWyryVBGigMN3l//CHvr5IDU1+9sZuuN4jTYGIlSFSttq9K/z+P0GWE7t0A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Oct 2023 17:30:44 GMT

GET
H3 200 0iiVhQwJxVm.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 5695 369 KB
79 KB 42ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/0iiVhQwJxVm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/9csz9isadFR.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a92379341fb4f1f929f52906cbed5f35bc474ad6e0dce7713768bc8d8c156af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xtCM50AYgTdsxWznXFe7ZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 80390
x-fb-rlafr: 0
x-fb-debug: dyKVxNqGSp4m13WhhM7S9PTlNiiaOG1GPyZTnt7E/YMoqSaD8r6qHh0z76ONr00KfX3O6lWhov+cLQgO3WSKGg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Oct 2023 20:01:13 GMT

GET
H3 200 Sn-_BbYnlN4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame 5695 52 KB
13 KB 43ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/Sn-_BbYnlN4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/9csz9isadFR.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

689061066181e2f80c455652eb892d5f2753f4efe880ac9b8924e305f1952f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zI7TYFgzXoPKVi46GwXagg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12883
x-fb-rlafr: 0
x-fb-debug: JaA3YdnetZ2uwHWAlaLYzZ/YWzNChlZO4zGjMoaCrM/MTbkzYYqTxEAU+lLY+UoJldNnZL5jDPNYFbo7veFvxw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Oct 2023 18:58:23 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 72CA 2 KB
999 B 863ms
288ms Script
text/html 52.198.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=501&o=undefined&d=1&b=undefined&ts=1&ii=3&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60bb1fd59bfdbf7d629a861cecc3e452939c05ff4aa2331beacb7aedf3cb951a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 72CA 3 KB
3 KB 21ms
20ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 41
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 0A8raNJpIInrJslqOsOUROAOrFujoVVci4T6AZnn1UjjHuARqOIPTQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 72CA 3 KB
3 KB 936ms
935ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:56 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "548ed610a8571343fb3022f543174735"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: W8zE6fwz-M5GPHp8hDmRtvtUxYobeyaSEE8Os_3GlIOPWyMt7ElEQw==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 2A27 0
215 B 843ms
270ms Script
text/html 52.198.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=20&o=undefined&d=1&b=undefined&ts=1&ii=3&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 2A27 3 KB
3 KB 21ms
20ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 41
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: qlyZhErl_o3fpn8oAWUtuz21n7zPNMOnnldGdvVUK2Pq-u_aKK1EnA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 2A27 121 KB
40 KB 111ms
52ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-1e358"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 13:25:54 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 2A27 2 KB
3 KB 22ms
21ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 41
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: OoXHqodFO7jzJOk-XJ9JO0mCxt38WIFg4-gqfs14OrmPTQZRrDszXQ==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 2A27 4 KB
5 KB 35ms
34ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 55
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: 2_ePbONm6sYfwkScXoxANsv4CoEub536glX_IgInEY0arJw3zOhG8Q==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 2A27 3 KB
3 KB 935ms
934ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:56 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: s5GQVEtqmvo7QZ3n1tyNIRM8rk1nbhCPN6XnpSJGCYK79wDdAP9AXw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 2A27 6 KB
6 KB 27ms
26ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: fIQgLpkPc8Xa6hWRKpG2InO.92XkfeB1
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 08:48:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4
etag: "945b888de0f0e51f6997f84814931271"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5760
x-amz-cf-id: qKXxo0mgFwV9dkzdqw2hvf0WNtqaAvL13iYFQ3fH1c5fXdWS8WEaKg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame A822 2 KB
1 KB 1081ms
510ms Script
text/html 52.198.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=652&o=undefined&d=1&b=undefined&ts=1&ii=3&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b875479d3102caea2e5486a5f53d3d6c465e097589f81c0cd19e14c4d6c9962c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame A822 3 KB
3 KB 21ms
20ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 41
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: z6AEO7dizx4vxVU5vFL2OtGGvwIZhUjE__Afkkm9-l0oUhtczIAXEg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame A822 121 KB
40 KB 137ms
81ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-1e358"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 13:25:54 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame A822 2 KB
3 KB 23ms
23ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 41
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: w5-XSdMQvm4PhkwULhaaYTaPij1WHel_bLFjTK7mgcQnnsHoKriP9A==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame A822 4 KB
5 KB 34ms
33ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 55
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: MS3h-VzYkiMjhdKNcts9crpoeMiwQLQLJfBgpde3tqwloepbE4yC6w==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame A822 3 KB
3 KB 935ms
934ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:55 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: WpZcqRsO8Jt4Fd4iPRzRd4kfpkX4slubJ7kGpmBO7aiaE308ynCWpg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame A822 6 KB
6 KB 36ms
36ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: fIQgLpkPc8Xa6hWRKpG2InO.92XkfeB1
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 08:48:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4
etag: "945b888de0f0e51f6997f84814931271"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5760
x-amz-cf-id: RkGNQbNWtMxptC3tOo5gzwCDbJVfduOuVgaWcGRysbonkUs8r0FyjQ==

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 2E79 108 B
507 B 32ms
31ms XHR
application/json 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: dafd0e1a677a84abf3626d7123b1bcdf332d233f8be42b22577ac2383b095d4b

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

date: Fri, 14 Oct 2022 13:22:40 GMT
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Thu, 13 Oct 2022 19:15:05 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 246
etag: "634863b9-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: w3E8G7IICyCbi3zhqUgPw5IAetqIDCJ-vGBQkNPFq1t0PdR97AT7mA==
expires: Fri, 14 Oct 2022 16:21:48 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 0B7F 108 B
496 B 31ms
31ms XHR
application/json 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: dafd0e1a677a84abf3626d7123b1bcdf332d233f8be42b22577ac2383b095d4b

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

date: Fri, 14 Oct 2022 13:22:40 GMT
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Thu, 13 Oct 2022 19:15:05 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 246
etag: "634863b9-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: EhhOZ-vC2k8VuL1S0EQ9n3Qdqu8feEZJw3elSXb1c_iBo2stToOR_g==
expires: Fri, 14 Oct 2022 16:21:48 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 2E79 0
216 B 188ms
30ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=53404339738

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 2E79 0
176 B 454ms
109ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=af324b2b-4e07-48b3-8f85-2ec441175b8e&u=https%3A%2F%2Freurl.cc%2FXV1QXD&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=39ec63fa-e67e-41d1-89b1-a57e5dcc40a8&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Gaithersburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Fri, 14 Oct 2022 13:25:54 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 2E79 0
163 B 936ms
307ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5231661471120563
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 2E79 0
218 B 784ms
285ms XHR
text/html 52.198.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1665753954523&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 14 Oct 2022 13:25:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2E79 0
176 B 572ms
182ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 14 Oct 2022 13:25:55 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 0B7F 0
218 B 775ms
282ms XHR
text/html 52.198.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1665753954545&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 14 Oct 2022 13:25:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0B7F 0
215 B 180ms
31ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=84361882078

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 0B7F 0
27 B 1515ms
893ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7129277576813398
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 0B7F 0
176 B 449ms
109ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=af324b2b-4e07-48b3-8f85-2ec441175b8e&u=https%3A%2F%2Freurl.cc%2FXV1QXD&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=d851261e-2e70-48b8-a94e-f01e584e3761&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Gaithersburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Fri, 14 Oct 2022 13:25:54 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0B7F 0
176 B 564ms
181ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 14 Oct 2022 13:25:55 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 5695 914 B
562 B 75ms
52ms XHR
application/x-javascript 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e78318eb187448f7648760643d7f71d232fe6976d5e67d2b00d14781373fb039

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: gXKakxQyrgyDFAnhhSJKCa
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 13:25:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: FkuhcHnHCTNLVy5SaOiVI2QBSHAIxGGXee+SROGvPYmoBxWzOtDANZnT0vy4ti5eWUakKBLQ1IS90UN+3Q2hNg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame 5695 0
0

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 5695 914 B
556 B 71ms
56ms XHR
application/x-javascript 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b68ec3a198c29960b8ca0e6e88b60b98ea27741f1858b0f9a55076fa14e1719

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: gXKakxQyrgyDFAnhhSJKCa
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 13:25:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: GR5CgPyQLmTLAJkbd+h1NFF7ZY7O6G1I63XM6Ibs8G2uvpgi1uGqYKds4TDARCpnd+HEUHoswsW8ua4Yoo4JPg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ksSG7BCGzVy.png
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 5695 12 KB
12 KB 20ms
19ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/ksSG7BCGzVy.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/SXPfxAVa0rJ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/SXPfxAVa0rJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
x-content-type-options: nosniff
content-md5: uyn8DKg02tdFYyt7qV6IBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12111
x-fb-rlafr: 0
x-fb-debug: sUPEE+rlfebhAiJ9uaVh9h1TaDxgAwdJZf5676yj2GO4qxOi78tV2GoDmyv6kp4zP/84cT1JvM5JkmoODwUG8g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 01 Oct 2023 03:51:41 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 5695 1 KB
1 KB 20ms
20ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/c0CCYp5loCt.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/c0CCYp5loCt.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: 2VoW4Jyyauh4PRXwJ536tFM6R5jLwYue8G6X+tj0Nd48/7NHVpXSL+2VP1FOY2LtXRSBQOq21VE94lIzUYYfAQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 04 Oct 2023 00:39:46 GMT

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame A822 0
27 B 1481ms
894ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7446422004161966
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 2A27 0
40 B 1480ms
893ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8935157362783521
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 2A27 0
27 B 1481ms
894ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.978205138651177
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A822
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=VoeMhKlHALSpJYcmY2NJYw

2 B
19 B

292ms
292ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=VoeMhKlHALSpJYcmY2NJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:55 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=VoeMhKlHALSpJYcmY2NJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 72CA 0
170 B 525ms
182ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:55 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2A27 0
170 B 704ms
361ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:55 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2A27
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=7lSURMwuCeq7YLSdY2NJYw

2 B
19 B

292ms
292ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=7lSURMwuCeq7YLSdY2NJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:55 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=7lSURMwuCeq7YLSdY2NJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame A822 0
170 B 704ms
361ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:55 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2A27 177 B
423 B 156ms
57ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=82747867970

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1e3d72c653891925bf5809aa7714d93d01ad695d42962f467af70d90e2338534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 161

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2A27 177 B
426 B 155ms
56ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=18557546919

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

19ae2c9a18d128b94b61e26921bbf6a7b188a2c3c3bd9b8db30eb397f197528a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 164

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A822 177 B
425 B 102ms
32ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=79999095677

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9cbcbc603a78025bcfe3e5c97f97cdc6d30d7db64df510f9ecae5b954cbbb843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 163

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 5695 279 B
243 B 20ms
20ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/9csz9isadFR.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QusOzUJEj2HVYgmawONobw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 189
x-fb-rlafr: 0
x-fb-debug: zxGw8Lh4DvPFpqnRUAei3PxuPAxDgSgpxCet9/W66VM7VhgWvge7uThtldZTOyw3+I2/WM+JwGbrXv4k4DJIMw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 Oct 2023 21:44:33 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 47A8 0
249 B 339ms
290ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:54 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 72CA 5 KB
2 KB 1283ms
311ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:55 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 771B 0
82 B 338ms
292ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:54 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 2A27 5 KB
2 KB 1279ms
310ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:55 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame B8C5 0
82 B 334ms
291ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:54 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame A822 5 KB
2 KB 1566ms
600ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:55 GMT

GET /
www.facebook.com/login/ Frame 5695 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 5695 0
0 82ms
82ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/9csz9isadFR.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Oct 2022 13:25:54 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: SrecyuFtzVELm2H8mkdRO5SjiKJXREeofgmfNa+LM6JFOUXmgWR8HxCUvrwx9MnQyVEUewdQx/nnzRwp0VDCaw==
x-frame-options: DENY
x-xss-protection: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame A822 0
209 B 27ms
27ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame FF4D 290 B
477 B 303ms
56ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FXV1QXD&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8

GET
H2 200 b
geo.yahoo.com/ Frame FF4D 43 B
446 B 438ms
56ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 204 events
bidder.criteo.com/csm/ Frame 2A27 0
209 B 28ms
28ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame 2A27 0
209 B 27ms
27ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 1665749949-306c2a06215a64f94353426554122697-840x525.jpg
img.gbyhn.com.tw/2022/10/ 110 KB
111 KB 130ms
51ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2022/10/1665749949-306c2a06215a64f94353426554122697-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c5c8e621675cc15aacc7e1840199ce84bd380905aea2855e588c3f4909977cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112517
last-modified: Fri, 14 Oct 2022 12:19:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=433D8%2BYZXVixzYx5v48UsZW7k%2FQsnJ3VT51MpOAYCCsdbQv1QT8OSuEL5hSDfFSGrL7v0oQuY%2FmC%2BY7Wdi2SCmvyBlENVVieHQnzmUmu8OU%2FycIAXjdzG8WG%2F0zzJUbTTgmLm90QSplHfMAqEEgx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 75a0a4cb4f1d9bc4-FRA
expires: Fri, 21 Oct 2022 12:22:17 GMT

GET
H2 200 image_1.jpg
mma.prnasia.com/media2/1920597/ 63 KB
63 KB 294ms
72ms Image
image/jpeg 2606:4700::6810:fc04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1920597/image_1.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2be2e25d143f6cc1a0c8ce24e587d41e6c9dc471bc529df34cf7f15a365faec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
cf-cache-status: HIT
age: 7749
x-powered-by: ASP.NET
server-timing: intid;desc=9589ca4f45453632
content-length: 64110
cf-bgj: h2pri
last-modified: Fri, 14 Oct 2022 11:15:58 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 75a0a4cc3eea90fe-FRA
access-control-allow-headers: Content-Type
expires: Fri, 14 Oct 2022 11:15:59 GMT

GET
H2 200 img_9583-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/09/ 109 KB
109 KB 92ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2022/09/img_9583-scaled.jpg?fit=2560%2C1920&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

116c47f47c23ab25ee2a2d95f8f03b295de00fd4b2d1d88164474e7a63733b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nc: HIT hhn 3
date: Fri, 14 Oct 2022 13:25:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 Oct 2022 10:58:18 GMT
server: nginx
etag: "074bbbf8e63c4c14"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2022/09/img_9583-scaled.jpg>; rel="canonical"
content-length: 111222
expires: Sun, 13 Oct 2024 22:58:18 GMT

GET
H2 200 %E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2019/12/ 136 KB
136 KB 258ms
210ms Image
image/jpeg 192.0.78.244
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2019/12/%E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

60358587de5fb1bd7a36b3ac882aca4e84279ce113f7764a31f097cda568bdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Mon, 22 Jun 2020 07:22:21 GMT
server: nginx
etag: "5ef05c2d-21e6d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 138861

GET
H2 200 %E5%B0%81%E9%9D%A2%E5%9C%96%E8%A8%AD%E8%A8%88%EF%BC%9A%E4%B8%BB%E7%B6%B2%E4%B8%8A%E7%B7%9A%E5%9B%B0%E9%9B%A3%E9%87%8D%E9%87%8D%EF%BC%8CETHW%E8%B7%AF%E5%9C%A8%E4%BD%95%E6%96%B9%EF%BC%9F-2-750x375.jpg
www.rayskyinvest.com/wp-content/uploads/2022/10/ 61 KB
61 KB 139ms
39ms Image
image/jpeg 35.242.224.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2022/10/%E5%B0%81%E9%9D%A2%E5%9C%96%E8%A8%AD%E8%A8%88%EF%BC%9A%E4%B8%BB%E7%B6%B2%E4%B8%8A%E7%B7%9A%E5%9B%B0%E9%9B%A3%E9%87%8D%E9%87%8D%EF%BC%8CETHW%E8%B7%AF%E5%9C%A8%E4%BD%95%E6%96%B9%EF%BC%9F-2-750x375.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.242.224.42 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.224.242.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0f1a89ef64a5d0ffe85da9182cf068683678f5a37aebf6fad9a638ec73a98d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-proxy-cache: HIT
date: Fri, 14 Oct 2022 13:25:55 GMT
expires: Sat, 14 Oct 2023 04:14:11 GMT
last-modified: Fri, 14 Oct 2022 03:12:05 GMT
server: nginx
etag: "6348d385-f3c5"
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 62405
x-cdn-c: static
x-sg-cdn: 1

GET
H2 200 2022101401410863.jpg
img.racingcharger.tw/wp-content/uploads/ 434 KB
435 KB 361ms
32ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2022101401410863.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3767d3fcc403ab0f4d4fffbe0ab115077b2416dc640c25e6e4751550a9dae2df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Oct 2022 01:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3914
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUWYr%2B4qjkK1uCf4bU7OpNsvZocWlyw0XgLja8BJ%2FDSAmiCtuAOKLTS70d3nWoiG8sorG649Vppx%2FNxpBpCkWguQP%2FFod3Faf9wQNQ6wOOWiKw8vJBMUH9QKo1XMlJd8HtLFFFm1YdoyjxBykSA8oOsQQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 75a0a4ccdf25902e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 444138

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_e8861568593b4c8485dd592e1ec6aa4e~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/ 1 MB
1 MB 72ms
25ms Image
image/png 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_e8861568593b4c8485dd592e1ec6aa4e~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: 23b56d8e72e99dcdb222d8a27949b10a2c4c9cefdfd6eed21373f10b62599183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 12 Oct 2022 12:03:35 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 177740
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1466146
wix-tracer: 2G2AHA7zjnvUIZimq4CWo1BfJ5m
x-seen-by: image-manipulator-5cdc794f79-g6wlf

GET
H2 200 %E4%BF%A1%E7%94%A8%E8%B2%B8%E6%AC%BE%E5%8F%AF%E4%BB%A5%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E5%97%8E%EF%BC%9F%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E7%AB%9F%E7%84%B6%E8%A6%81%E4%BB%98%E9%81%95%E7%B4%8...
blog.alphaloan.co/wp-content/uploads/2022/10/ 133 KB
133 KB 220ms
157ms Image
image/jpeg 192.0.78.236
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2022/10/%E4%BF%A1%E7%94%A8%E8%B2%B8%E6%AC%BE%E5%8F%AF%E4%BB%A5%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E5%97%8E%EF%BC%9F%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E7%AB%9F%E7%84%B6%E8%A6%81%E4%BB%98%E9%81%95%E7%B4%84%E9%87%91%EF%BC%9F%E5%85%8D%E4%BB%98%E9%81%95%E7%B4%84%E9%87%91%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E6%96%B9%E5%BC%8F%E5%A4%A7%E5%85%AC%E9%96%8B%EF%BC%81.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b3105908d85e5136b409669ee0615fcd3b289a8cef67dc3e2fd77fe7481775e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Mon, 03 Oct 2022 04:45:24 GMT
server: nginx
etag: "633a68e4-213ff"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 136191
expires: Fri, 21 Oct 2022 13:25:55 GMT

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2A27
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=-xbngQo-DUi8WNX6Y2NJYw

2 B
19 B

294ms
294ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=-xbngQo-DUi8WNX6Y2NJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:55 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=-xbngQo-DUi8WNX6Y2NJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2A27
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=0RE18tkCB3SdqF1KZGNJYw

2 B
19 B

291ms
291ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=0RE18tkCB3SdqF1KZGNJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=0RE18tkCB3SdqF1KZGNJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2A27
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=UE-5McR5Bvq8NDxmY2NJYw

2 B
19 B

293ms
292ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=UE-5McR5Bvq8NDxmY2NJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:55 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=UE-5McR5Bvq8NDxmY2NJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A822
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=ggHuLeehBw-qzVGmZGNJYw

2 B
19 B

292ms
292ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=ggHuLeehBw-qzVGmZGNJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=ggHuLeehBw-qzVGmZGNJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 adsbyscupio.js Show response
img.scupio.com/js/ Frame 7403 4 KB
2 KB 32ms
32ms Script
application/javascript 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:24:25 GMT
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:30:31 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 172
etag: W/"607cf957-11ab"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: NkXE8QcwiKJrzkQqY_MaGrDmYo-7Bf7miFJoHDQ8c9W134eAQu4dzQ==
expires: Fri, 14 Oct 2022 16:23:03 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 2E79 2 KB
2 KB 1586ms
335ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.14601966974144887
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 489fd078e6787479e881dd925710764aa78451220d7dd096d3f6071252d4256b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 14 Oct 2022 13:25:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1479

GET
DATA 200
OK truncated
/ Frame 2E79 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
H2 200 300x250.png
img.scupio.com/img/2011_gym/ Frame 7403 47 KB
48 KB 49ms
49ms Image
image/png 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/img/2011_gym/300x250.png
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:31:40 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 446
etag: "607cf99c-bcf6"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48374
x-amz-cf-id: MHY8kBV9b3MlSfrLbOTgFw1_uBq8Q70p4LJQlIBRngLBGFiBsS2msg==
expires: Sat, 14 Oct 2023 13:18:29 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 72CA 10 KB
10 KB 24ms
23ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=501&o=undefined&d=1&b=undefined&ts=1&ii=3&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:50 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: Hr8xeKt8yeFxqTjlfI3daHPDf_2jbm_57oYvhYqYgkcGgBcjR4lJ1A==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame A822 10 KB
10 KB 25ms
25ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=652&o=undefined&d=1&b=undefined&ts=1&ii=3&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:50 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: FgSCY8op2zhC_U38x3giQryeiIwxpkeOkuNWI0ISBkOfrwNIFgglbw==

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
402 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

b89712ce908492f885d992e366c8c6e35226ba731849c31526bb6450cbabaf70

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 163A 37 B
409 B 295ms
295ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4083c413a545b161f44afea82b2273e4ea87086049c6fe33fea6e0e53cb1d782

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 2A27 37 B
402 B 296ms
295ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

b234c6bfe9d63a346aed4bfbd378b08da6b116177443a3f1d9a9392c80451c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 72CA 37 B
401 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

6787964c8351ae79de972d6416a4fd1979176942cfaff0db7077355fbcb33f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 adsbyscupio.js Show response
img.scupio.com/js/ Frame 279A 4 KB
2 KB 31ms
30ms Script
application/javascript 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:24:25 GMT
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:30:31 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 173
etag: W/"607cf957-11ab"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: Mpl6w8HrmcPnzhxOOM7x2AgVI4Ivz854DCAEA-ZMeZ6isQyyeqI5lg==
expires: Fri, 14 Oct 2022 16:23:03 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 0B7F 3 KB
3 KB 1185ms
305ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.012350269080405374
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 07c45a609a459f5b5c1f27957d07dfbe043f5da3aad484fe991083cfe7c41f0b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 14 Oct 2022 13:25:57 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1611

GET
DATA 200
OK truncated
/ Frame 0B7F 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
H2 200 970x250.png
img.scupio.com/img/2011_gym/ Frame 279A 86 KB
86 KB 90ms
90ms Image
image/png 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/img/2011_gym/970x250.png
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 12:30:45 GMT
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:31:40 GMT
server: nginx/1.12.1
x-amz-cf-pop: VIE50-C2
age: 3311
etag: "607cf99c-156c7"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87751
x-amz-cf-id: cnO0l9UoCD1SeJjg8RRWQ8IBCD2Jb_lTsUkF9-uuhrtmaCZ-v26xUA==
expires: Sat, 14 Oct 2023 12:30:45 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 2E79 87 KB
28 KB 32ms
32ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 13:25:56 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 0B7F 87 KB
28 KB 30ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 13:25:56 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 9043 6 KB
7 KB 20ms
20ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: -PiFCIIPo7T4mdObYYNuQ100n8g2c4GThAZKOyShwIUWBcTFPm5nCw==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2D4B 2 KB
1 KB 86ms
29ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de4074357122f6dcee51fb5b3b39d3ad99a460316bd2f9f0a477faf0c1bc3135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:25:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 568980
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 2E79 88 KB
29 KB 114ms
56ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-161a8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 13:25:56 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame EF8E 6 KB
7 KB 20ms
20ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: GWykN14DQgpOjcivaD2ZDWfJ6JtPdSiKre9xZrdBqE8zimA_Q5Sm0w==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BD3B 2 KB
1 KB 66ms
28ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de4074357122f6dcee51fb5b3b39d3ad99a460316bd2f9f0a477faf0c1bc3135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:25:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 545713
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 0B7F 88 KB
29 KB 102ms
64ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-161a8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 13:25:56 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame AD44 5 KB
5 KB 21ms
21ms Document
text/html 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25
content-length: 4730
content-type: text/html
date: Fri, 14 Oct 2022 13:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-id: 6jhR0UlTujRmbk4MRPdGXh-6Z5J-0Vc-pGgZh-0m4H0eWLfKtE9-Cw==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 9043 662 B
1003 B 21ms
20ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: k38sp9u2yApJmo3CMvsZKIlnKt9YGwLQN5t3jrriXOUWllkEJFO20w==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 0FD7 9 KB
10 KB 22ms
22ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: xhrvJub7i5n0Y7yKHPca-Z3zuJ6qEh7iGIaXntpaiG_rOHkVgUtkrg==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 4364 5 KB
5 KB 21ms
21ms Document
text/html 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25
content-length: 4730
content-type: text/html
date: Fri, 14 Oct 2022 13:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-id: HhcuPX2RcJY8lpsJNXmATaaHoghEtunnzaCwa4HBVg8j0Ia8V8Zqsg==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame EF8E 662 B
1004 B 21ms
20ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: qDFX8Ti-1APcrkcCJrxN-ECgRO0A-zgwDF4uW69FpKjO3dqB9wHYSA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 5A0A 9 KB
10 KB 21ms
21ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: DbdDgTJP7WUMwlNRY-JkKxF56v_EUjsE4lvXPoa7cZGNSxvRhm5Vfg==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame A822 37 B
402 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

4cefb409224d3dd42c55fb05c4e5689a70b00ad5bc88a6935240e0c99cb424a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 295ms
295ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 163A 30 B
278 B 295ms
295ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=7830d078-312d-473a-86c4-6b9e9f597b8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 cm.php Show response
fcm.holmesmind.com/ Frame 734D 95 B
103 B 163ms
121ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:56 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame AD44 5 KB
2 KB 293ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:56 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame AD44 0
15 B 1192ms
1191ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame AD44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_gid=CAESEHytxRZFk4F8do2r4XEgOHI&google_cver=1

0
469 B

338ms
282ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_gid=CAESEHytxRZFk4F8do2r4XEgOHI&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
x-guploader-uploadid: ADPycdsdvhCXqfvZD7RBebgcxfP3Tc2DCmmbfxSHQN94nLwI6NN0sdpx9eqvaBv0eIBhnD4Kem_ih3BhVausyck01J9MIJROA70Y
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Fri, 14 Oct 2022 14:25:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_gid=CAESEHytxRZFk4F8do2r4XEgOHI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 72CA 30 B
271 B 295ms
295ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 2A27 30 B
271 B 296ms
296ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 cm
c.holmesmind.com/ Frame 4364 0
15 B 1192ms
1191ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H3 200 cm.php Show response
fcm.holmesmind.com/ Frame 1963 95 B
103 B 134ms
122ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:56 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4364 5 KB
2 KB 292ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:56 GMT

GET
H2

200

google
m.holmesmind.com/ml/ Frame 4364
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_gid=CAESEGomNnM5s0SLmzPfTeaC-jY&google_cver=1

0
160 B

1026ms
969ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_gid=CAESEGomNnM5s0SLmzPfTeaC-jY&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
x-guploader-uploadid: ADPycdsE3J5bzhokUrWNz4B3UYf-Pyt0ggKi6xsn05bmGb_8XR9iWjh6IGWM0jwv_QFIJOAkYgb9L04UpL2tqh12bUf_2g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Fri, 14 Oct 2022 14:25:57 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&uu_m=undefined&google_gid=CAESEGomNnM5s0SLmzPfTeaC-jY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 0FD7 1 KB
750 B 23ms
23ms Script
text/html 2600:9000:2057:8800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:22:11 GMT
content-encoding: gzip
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 225
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: QLc3rdhqAsGKewU1M1E_k7l5_0QyysYJReBTm49hTrOiahyUnYG0QQ==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 5A0A 1 KB
751 B 23ms
23ms Script
text/html 2600:9000:2057:8800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13849
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:22:11 GMT
content-encoding: gzip
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 225
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: HfjsHAtVoi-Hq8C6BBXBsDo2FjjCA24t4v2J4_bTwpSxVo9qEX8eFw==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 0FD7 2 KB
1 KB 292ms
291ms Script
text/html 52.198.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=313&o=undefined&d=1&b=undefined&ts=1&ii=2&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 57bc1d7bd7bc75c12c5fe637558a2466ea3a65a141ac5ee863644514730cf9cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 0FD7 3 KB
3 KB 21ms
20ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 43
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: Yd9Cd7I5xW4QO06wuEUk8W8CFc-nTTQhHuq3s40fXZL2Fav-eld39A==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 0FD7 121 KB
40 KB 45ms
44ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-1e358"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 13:25:56 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 0FD7 2 KB
3 KB 22ms
21ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 43
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: Cgz2jqhA_V0LH0qWy4DjFDa68wipn53L2y1EGppSo53YyHFxwU8uWg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 0FD7 4 KB
5 KB 24ms
23ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 57
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: IiP-3rCA-divUbvqnzgKIAjhyBG14tOmWkNHtWt4Jx7JE8CCpG5w_Q==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 0FD7 3 KB
3 KB 24ms
24ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:55 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: HZMlck8k485cQJtbv_Nso2IEjooe9dM1oVlGIqAvDvbFeigFdKg4HA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 0FD7 6 KB
6 KB 25ms
25ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: fIQgLpkPc8Xa6hWRKpG2InO.92XkfeB1
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 08:48:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6
etag: "945b888de0f0e51f6997f84814931271"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5760
x-amz-cf-id: SwXb14CiLw33hWf__UXIiP2FfAy79TASar2dA9ACoMmFb98oMMbLjA==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 5A0A 2 KB
1 KB 292ms
289ms Script
text/html 52.198.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=485&o=undefined&d=1&b=undefined&ts=1&ii=2&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f6f4ef93cea14fffb727a602b9fffc2f4be872f95ba4addc2ad1bd06b4fe4f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 5A0A 3 KB
3 KB 24ms
21ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 43
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: -eELrZy7XHVOeYWhg9vZMQMBhzzCK3SGW2xSm5Gd4Q0U5E6ao2RScA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 5A0A 121 KB
40 KB 31ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-1e358"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 13:25:56 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 5A0A 2 KB
3 KB 24ms
22ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:49 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 43
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: 03kmv7A9wzaYJagVGb2Vp7dyQfCqiRl_n9Wvx7zII76W0-yJSoGvwA==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 5A0A 4 KB
5 KB 25ms
23ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 57
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: nE73KNUlmyF3vFMonb8OnDJvjWTIjtRHNKA-1ZW9tSPL1mI10lIwXA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 5A0A 3 KB
3 KB 25ms
24ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:55 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: 91XRbIReKjlIojY4IjiGzCtuwrLxmU0iO5VYMF2bDg-EGHbeHgbrLw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 5A0A 6 KB
6 KB 26ms
24ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: fIQgLpkPc8Xa6hWRKpG2InO.92XkfeB1
date: Fri, 14 Oct 2022 13:25:54 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 08:48:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6
etag: "945b888de0f0e51f6997f84814931271"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5760
x-amz-cf-id: CvDGgTEFyz37SlwSZBYzcJjspnXSvmdDu_pzBST_CZOjMPhi4i9HFA==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0FD7 0
170 B 189ms
182ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:56 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 0FD7 0
50 B 306ms
302ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6337265217524506
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 0FD7
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=eUzdcwsDDvu6YUlPZGNJYw

2 B
19 B

298ms
298ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=eUzdcwsDDvu6YUlPZGNJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=eUzdcwsDDvu6YUlPZGNJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 0FD7
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=XPGWMYJ1DfyTTOBtZGNJYw

2 B
19 B

299ms
299ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=XPGWMYJ1DfyTTOBtZGNJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=XPGWMYJ1DfyTTOBtZGNJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 5A0A 0
170 B 187ms
185ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 14 Oct 2022 13:25:56 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 0FD7
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=Q3J-cbEyDXyBjd4PZGNJYw

2 B
19 B

293ms
292ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=Q3J-cbEyDXyBjd4PZGNJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=Q3J-cbEyDXyBjd4PZGNJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 5A0A 0
27 B 303ms
302ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.18044393231780775
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 5A0A
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=qDXbhI_YCVSM1XVXZGNJYw

2 B
19 B

292ms
292ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=qDXbhI_YCVSM1XVXZGNJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=qDXbhI_YCVSM1XVXZGNJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 5A0A
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=3NjybqqjCk2_ZvB6ZGNJYw

2 B
19 B

300ms
300ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=3NjybqqjCk2_ZvB6ZGNJYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=3NjybqqjCk2_ZvB6ZGNJYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 5A0A 177 B
425 B 32ms
32ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=35361948357

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

01f7ed0e62ed4d71f152bace95f4fc8b51013053b6dfdcf83097d0fb5fe044f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 163

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0FD7 177 B
424 B 31ms
30ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=75306364884

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

78d3ab7a65e3efd63a917084af3b2b48bc1c8060c11c3114348eae55b7d2f5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 162

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5A0A 0
209 B 27ms
27ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame 0FD7 0
209 B 27ms
27ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Oct 2022 13:25:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 296ms
294ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/ 0
79 B 768ms
292ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/pixel?bd=49e3a326-56ea-4719-b8f9-28877c3e4c8e&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 2A27 0
187 B 299ms
298ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&mp=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/ Frame 2A27 0
79 B 768ms
293ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/pixel?bd=49e3a326-56ea-4719-b8f9-28877c3e4c8e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 pixel
49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/ Frame 72CA 0
79 B 768ms
294ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/pixel?bd=49e3a326-56ea-4719-b8f9-28877c3e4c8e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 72CA 0
187 B 295ms
294ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&mp=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame A822 30 B
271 B 296ms
295ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame B175 0
37 B 313ms
287ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 0FD7 5 KB
2 KB 294ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:56 GMT

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame 551E 0
37 B 309ms
288ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&CFFPCKUUID=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 13:25:56 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 5A0A 5 KB
2 KB 293ms
292ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 14 Oct 2022 13:35:56 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame AD44 36 B
408 B 295ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

b45f33e0ab42211e55e81ccddec427f0fb794b9e4e4df5e85f01514e23645714

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 4364 36 B
408 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

b45f33e0ab42211e55e81ccddec427f0fb794b9e4e4df5e85f01514e23645714

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 0FD7 10 KB
10 KB 23ms
22ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=313&o=undefined&d=1&b=undefined&ts=1&ii=2&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:50 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 60
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: CNARnkd-NMHcndvRzloDkb-TYfw38YoKpAtn0Yth1ArSCWc6fISHYA==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 5A0A 10 KB
10 KB 24ms
23ms Script
application/javascript 2600:9000:206f:8e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=485&o=undefined&d=1&b=undefined&ts=1&ii=2&FPCK=2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
date: Fri, 14 Oct 2022 13:25:50 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 60
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: D2v3CTAcQ_-kfWZ2poNW-TfU7arYJPOozmGMwTsO5KCHJF6iyKkCsA==

GET
H2 200 pixel
49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/ Frame A822 0
79 B 489ms
294ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/pixel?bd=49e3a326-56ea-4719-b8f9-28877c3e4c8e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame A822 0
187 B 296ms
296ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&mp=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:56 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 0FD7 36 B
401 B 295ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

b45f33e0ab42211e55e81ccddec427f0fb794b9e4e4df5e85f01514e23645714

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame AD44 30 B
278 B 296ms
295ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dd7d4f91-2e87-44b1-a56e-241cb5bc5343

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 4364 30 B
278 B 295ms
295ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dd7d4f91-2e87-44b1-a56e-241cb5bc5343

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame AD44 0
194 B 298ms
297ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&mp=dd7d4f91-2e87-44b1-a56e-241cb5bc5343

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net/ Frame AD44 0
79 B 590ms
292ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net/pixel?bd=dd7d4f91-2e87-44b1-a56e-241cb5bc5343&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame CDC9 1 KB
1 KB 33ms
32ms Document
text/html 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 772
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 14 Oct 2022 13:13:26 GMT
etag: W/"583295c9-4dc"
expires: Fri, 21 Oct 2022 13:13:05 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
x-amz-cf-id: c9vdjfdmTEm87sKxVl1LFb4SEKIeHP1LGG0CRviSjfNQdkBHyo005A==
x-amz-cf-pop: VIE50-C2
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 131A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0hBMjAyMjEwMTQyMTI1NTY2MDc2NTM%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0

0
551 B

1509ms
309ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Server: 210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Fri, 14 Oct 2022 13:25:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D6C5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

87ms
20ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Oct 2022 13:25:57 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 14 Oct 2022 13:25:57 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame 131A 0
15 B 21ms
20ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1665753957131&cd[SBST]=17&cd[PuID]=reurl

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 13:25:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame 131A 35 B
413 B 454ms
113ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CHA20221014212556607653
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 pixel
dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net/ Frame 4364 0
79 B 560ms
292ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net/pixel?bd=dd7d4f91-2e87-44b1-a56e-241cb5bc5343&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 4364 0
194 B 295ms
294ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB&mp=dd7d4f91-2e87-44b1-a56e-241cb5bc5343

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D6C5 31 KB
10 KB 20ms
20ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Fri, 14 Oct 2022 13:25:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31461
Connection: keep-alive
Content-Length: 9421
Expires: Fri, 14 Oct 2022 22:10:18 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 9A9B 1 KB
1 KB 30ms
30ms Document
text/html 13.32.110.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-16.vie50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 772
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 14 Oct 2022 13:13:26 GMT
etag: W/"583295c9-4dc"
expires: Fri, 21 Oct 2022 13:13:05 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
x-amz-cf-id: 0Jle3rtcvZS_F9qAAeQeqrrENf9uWSwf9Fwz3WmwfDSz9uKyvxNRng==
x-amz-cf-pop: VIE50-C2
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 13F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1NBMjAyMjEwMTQyMTI1NTcyNjAyNTY%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0

0
551 B

1494ms
298ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Server: 210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Fri, 14 Oct 2022 13:25:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEPx3effNiyF_lftwr6mWV8w&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E355
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

20ms
20ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Oct 2022 13:25:57 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 14 Oct 2022 13:25:57 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame 13F5 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1665753957316&cd[SBST]=17&cd[PuID]=reurl&ud[external_id]=2f928035f65c36b082c06be2ca62515cad314ae18ab9876587ecc20684c16048

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 13:25:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame 13F5 35 B
413 B 425ms
107ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CSA20221014212557260256
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 26FB
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

43 KB
43 KB

99ms
27ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43705
last-modified: Thu, 22 Sep 2022 10:05:53 GMT
server: cloudflare
etag: "632c3381-aab9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aRk1VNlB828XTxmy2%2BCDXRuYxRtPUrCEu%2BzFoPHaS9wBo5gWMpx%2F2ghgjTy%2FUfFfH%2FiJL9uo3%2FkNRZ5eBN48Ez9rlTE0ds6J4EWOchPZxPwfNXJuvnCyQsqbSZRjq5kTyuFJP5QVEcVo7UFeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75a0a4dcac0b92ab-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame AFA1
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

43 KB
43 KB

93ms
28ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H2
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43705
last-modified: Thu, 22 Sep 2022 10:05:53 GMT
server: cloudflare
etag: "632c3381-aab9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4qya2Ar%2B5fxgn5gSh7Mw88TVhcgTgYFChcpwJs6bICpFp7PalkHfdBEqXW%2FDDjCnEMJTs%2BsrpYumFGTBxCyTnR1iZpC9NGF3KArHY7wOHrCAe3bDmAW1vR9l30OSHUP9%2BIdQ1rH1FIeSDIG7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75a0a4dcac0d92ab-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D6C5 284 B
536 B 108ms
22ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E355 31 KB
10 KB 24ms
24ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Fri, 14 Oct 2022 13:25:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31461
Connection: keep-alive
Content-Length: 9421
Expires: Fri, 14 Oct 2022 22:10:18 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 0FD7 0
187 B 296ms
295ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&mp=dd7d4f91-2e87-44b1-a56e-241cb5bc5343

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net/ Frame 0FD7 0
79 B 319ms
293ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net/pixel?bd=dd7d4f91-2e87-44b1-a56e-241cb5bc5343&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 5A0A 0
187 B 297ms
296ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO&mp=49e3a326-56ea-4719-b8f9-28877c3e4c8e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/ Frame 5A0A 0
79 B 293ms
292ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net/pixel?bd=49e3a326-56ea-4719-b8f9-28877c3e4c8e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E355 284 B
536 B 76ms
22ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame D6C5 0
239 B 1192ms
262ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 26FB 975 B
811 B 71ms
45ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 778
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHajO7sqy8iAZeFWY3brrNnzQxCg6BirsChW49uT3CYFPa3MCpUjG2DheD3RU9wcwbZnrtFkeTU%2BzWJsvt6H8Z9fisug4BF24Wpi6ZbWgxZh5STq70wYnYjmMi9EfK6MriApR8fLJL1GuVw09g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 75a0a4dcfc335b80-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 26FB 46 B
486 B 325ms
109ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b254af137ed556d3e226464d6ace4dc0ac788eed228329f66ecc526d48f4451b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 204
No Content ad_request Show response
ads.aralego.com/ Frame 26FB 0
371 B 329ms
115ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FXV1QXD&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.04307426594279695&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Gaithersburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Date: Fri, 14 Oct 2022 13:25:58 GMT
Access-Control-Allow-Credentials: true
X-SspId: 14891fec-26fc-3b95-beb5-6195d1143083
Connection: close
Access-Control-Allow-Methods: GET,POST,OPTIONS

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame AFA1 975 B
783 B 48ms
45ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 778
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiZ0b0k8BDPG16w0xDpplQQO%2Fgph3vPxPWAW2Tse%2B01A52FdQ8cYlDYi0i4nlMO6OLPNkvlN7isbHiBUjx7%2BQCpIgnvqGpSkF7uiHjBngOVOvK4seehLknw3zNPwIB8gMtqGUchJqwB%2BK%2F5%2FDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 75a0a4dcfc2f5b80-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame AFA1 46 B
486 B 334ms
116ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b254af137ed556d3e226464d6ace4dc0ac788eed228329f66ecc526d48f4451b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 204
No Content ad_request Show response
ads.aralego.com/ Frame AFA1 0
371 B 327ms
112ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FXV1QXD&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5990788087176688&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Gaithersburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Date: Fri, 14 Oct 2022 13:25:58 GMT
Access-Control-Allow-Credentials: true
X-SspId: 14891fec-26fc-3b95-beb5-6195d1143083
Connection: close
Access-Control-Allow-Methods: GET,POST,OPTIONS

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 617D 714 B
771 B 27ms
27ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 6434
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 75a0a4dee8285b80-FRA
content-encoding: br
content-type: text/html
date: Fri, 14 Oct 2022 13:25:58 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od9xe4Sktoc9cbJ5pedDc3v0%2FsyCtOqKENi9tr3B4ExvzhOUo3W1EdZX5Mf8CP2fn4Oq486RKWpa0w2gRBS2Bo406OmKjhKGpkpeQ73bBT9FzsMbP7wf4GnfmdMl%2B5ozEwnSNtxPB%2FlOrpr2Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 26FB 35 B
384 B 326ms
110ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 546C 714 B
779 B 56ms
55ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 6434
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 75a0a4df18885b80-FRA
content-encoding: br
content-type: text/html
date: Fri, 14 Oct 2022 13:25:58 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5to9uLR%2B7NTzHESvYwsyjY9kVBqKEMyhljWyyVavZ%2B%2FPTFvL3fHyCtYUD5pAi6p4ldhUPGFIvSlPVVQYV%2FS446lc5Z1fgsLfCXIKtQkb%2BN1zYxtmj4NxHViCW%2FPdetYl7LeSg8cYTml6TU3kw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame AFA1 35 B
384 B 324ms
110ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 617D 79 KB
80 KB 105ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

82c5cd73777ea3f737f7e91bd26ea61443a006401b575854d1e282b6d89dcc50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
x-content-type-options: nosniff
server: sffe
etag: "1363 / 178 of 1000 / last-modified: 1665745594"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80992
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Oct 2022 13:25:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 546C 79 KB
79 KB 88ms
79ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

e40454facd032aa173960f7cdaa006390b705ac2bd0e3f3b3fea207d5e82de4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
x-content-type-options: nosniff
server: sffe
etag: "1363 / 109 of 1000 / last-modified: 1665745594"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81112
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Oct 2022 13:25:58 GMT

GET
H3 200 pubads_impl_2022101101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 617D 380 KB
128 KB 72ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0adb253f1936a498f71414d7807eb2feb8fc7269a8eda6146ef73627aa0ea898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131337
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 08:35:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 14 Oct 2023 11:21:33 GMT

GET
H3 200 pubads_impl_2022101301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 546C 380 KB
128 KB 44ms
20ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 12:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131264
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 15:30:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 14 Oct 2023 12:57:33 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 101ms
33ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 14 Oct 2022 13:25:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 471395
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2E79
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=bimSPHxtSzMwYlBnSFp2WlgxMGtRWk50M2dpbUZxZVJmWGZ2SXNRNXNxR2VnZHNSVjZZWGFGd0kwZ3doSktCRFZXYlZ4YnF5NzEwL0UxaWlIZ0JudkdIZUIvNUdyMnhYdWdsb0wwQWljZ1c0QXN2OUtQcHhKdmwwWU13N0...

428 B
696 B

104ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bimSPHxtSzMwYlBnSFp2WlgxMGtRWk50M2dpbUZxZVJmWGZ2SXNRNXNxR2VnZHNSVjZZWGFGd0kwZ3doSktCRFZXYlZ4YnF5NzEwL0UxaWlIZ0JudkdIZUIvNUdyMnhYdWdsb0wwQWljZ1c0QXN2OUtQcHhKdmwwWU13N0FwdlJTRnYxR2VNZE53RWFOTFM1SlRyYU1GUTZqVFpIaDZaMkR4eW84ajh1c2NBY211VUVsdkwzanZMYW5xZkIybE9KRzBYZVd4Z1pOTHhGYnh3TDErbGtqaFludWpZT25sSVdHWElPQk5MUTdCOFpjai90bzFqRzBsTDNEL2o5QlFyUUtiYmE5cE5ZT0tYWUNGZ2FMYzJ6MnJSNk5SNkZZT2w3czNkQldKdG0wYnNISjZBST18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/XV1QXD

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e7089d14066d9c1d86d709d695815d1c2c31be3ecc0618419ba2ac78a5bdc878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2948213
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=bimSPHxtSzMwYlBnSFp2WlgxMGtRWk50M2dpbUZxZVJmWGZ2SXNRNXNxR2VnZHNSVjZZWGFGd0kwZ3doSktCRFZXYlZ4YnF5NzEwL0UxaWlIZ0JudkdIZUIvNUdyMnhYdWdsb0wwQWljZ1c0QXN2OUtQcHhKdmwwWU13N0FwdlJTRnYxR2VNZE53RWFOTFM1SlRyYU1GUTZqVFpIaDZaMkR4eW84ajh1c2NBY211VUVsdkwzanZMYW5xZkIybE9KRzBYZVd4Z1pOTHhGYnh3TDErbGtqaFludWpZT25sSVdHWElPQk5MUTdCOFpjai90bzFqRzBsTDNEL2o5QlFyUUtiYmE5cE5ZT0tYWUNGZ2FMYzJ6MnJSNk5SNkZZT2w3czNkQldKdG0wYnNISjZBST18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 246852
content-length: 0
expires: 0

GET
H3 200 cm
c.holmesmind.com/ Frame 2E79 0
13 B 145ms
143ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 2E79 35 B
266 B 313ms
105ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 546C 107 B
795 B 101ms
31ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 546C 107 B
552 B 91ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 546C 492 B
290 B 66ms
66ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=712957418404835&correlator=764061903527842&eid=31068457%2C31070043%2C31070374&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665753958592&lmt=1644386353&dlt=1665753958303&idt=266&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=jn06sxjpwl6q&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1525561713.1665753959&ga_sid=1665753959&ga_hid=1111383807&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ebfe637d0f6358ff6dc963745397901dd6a738cf07b7234b5004777fadd58f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ff09e735f99011fb9484302dbfe4b294.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D71C 6 KB
6 KB 121ms
31ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ff09e735f99011fb9484302dbfe4b294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:25:58 GMT
expires: Sat, 14 Oct 2023 13:25:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 617D 107 B
165 B 75ms
43ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 617D 107 B
165 B 63ms
41ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 617D 492 B
292 B 77ms
76ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3040222618160812&correlator=3895003589252550&eid=31070373%2C31068919&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665753958630&lmt=1644386353&dlt=1665753958245&idt=366&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=1o096gjawyzs&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=108359756.1665753959&ga_sid=1665753959&ga_hid=465935600&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

92a8294614a638705fea24302edd9455d684973044409f7dfa6d92709d82d856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 263
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
247b4a89a0cf587a097b111c7d55eb0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 203A 6 KB
6 KB 114ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://247b4a89a0cf587a097b111c7d55eb0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:25:58 GMT
expires: Sat, 14 Oct 2023 13:25:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 137ms
30ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 14 Oct 2022 13:25:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 404288
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 546C 14 KB
11 KB 89ms
43ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b34be52ea1e2b9c2a876b0cead7b97d468424a0788dc9257605c4264ae0bf5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10957
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 617D 14 KB
11 KB 49ms
35ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb6be28a46880e4ce37ef1ab3cb4989172903dbff0c9fd20f9097f352476a880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10898
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 617D 17 KB
17 KB 75ms
29ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17314
x-xss-protection: 0
expires: Fri, 14 Oct 2022 13:25:58 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 546C 17 KB
17 KB 92ms
55ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:58 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17314
x-xss-protection: 0
expires: Fri, 14 Oct 2022 13:25:58 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CE86 2 KB
1 KB 30ms
30ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de4074357122f6dcee51fb5b3b39d3ad99a460316bd2f9f0a477faf0c1bc3135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:25:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 2445959
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C633 13 KB
5 KB 60ms
19ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:20:04 GMT
expires: Sat, 14 Oct 2023 13:20:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4BAD 783 B
534 B 74ms
33ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6bfa33ab7de129bdad9632dde00dbfb4d23274851974e04750521a148071a475

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-HHIT3gs-eXN5ALyVOSvYeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'nonce-HHIT3gs-eXN5ALyVOSvYeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:25:58 GMT
expires: Fri, 14 Oct 2022 13:25:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 74AC 13 KB
5 KB 36ms
21ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:20:04 GMT
expires: Sat, 14 Oct 2023 13:20:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D6E 783 B
534 B 46ms
31ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa8ffe2bdccaf5c1dbde556ca9f6bbc2ec06d87b6e2ea127069ee7d305fced0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-vAxH1DUbLeQ9w3o3yuOUpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'nonce-vAxH1DUbLeQ9w3o3yuOUpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:25:58 GMT
expires: Fri, 14 Oct 2022 13:25:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame C633 36 KB
15 KB 65ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4D6E 0
0 93ms
54ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101301&jk=712957418404835&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 74AC 36 KB
15 KB 58ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4BAD 0
0 91ms
53ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101101&jk=3040222618160812&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 33ms
33ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 14 Oct 2022 13:25:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 402179
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0B7F
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=qRNCXXw2cm5YL2tRclZ5RnZ4N3YxVjVkOFFaWWMrc3VwUnd6WG9mSU9YZWl6OUhxMmU5em9vTzJjSXZLRVI1clJna3RBL1ZHQjNzQVNERXZFd3NhVEJSaGJucHozdisydFppYTdPa1czUnN3QUxyWFZaQVBwWE9PNHV4RE...

426 B
696 B

39ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qRNCXXw2cm5YL2tRclZ5RnZ4N3YxVjVkOFFaWWMrc3VwUnd6WG9mSU9YZWl6OUhxMmU5em9vTzJjSXZLRVI1clJna3RBL1ZHQjNzQVNERXZFd3NhVEJSaGJucHozdisydFppYTdPa1czUnN3QUxyWFZaQVBwWE9PNHV4RE91cE44aGZyT3VrL2RNQUo1KzRsTWpGNTFLb0NVVW5WUXBkVXB4QjBUeDBjNVhaWFljeGlVb3JQVnFJMXNaaEp2Rml3V1R2NElsNVVvN3hOVGNxaXRldkZGVWI1ajZDRFRGZGFXSEZWeEM5R1BvK0VhNDdHZjhzOTBmWTNsclp5R056TEQ1bnVyaVhqWUhiQU1IQkU0NnZwQ3pqYzJBRDMrSHR4UFNSSGlBM0Roaml0QXZBZz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

951a6e72862f867fa7797460aac3c1e0d3b4d6993a86fbe78ca1a02a9ec688e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1004500
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 13:25:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=qRNCXXw2cm5YL2tRclZ5RnZ4N3YxVjVkOFFaWWMrc3VwUnd6WG9mSU9YZWl6OUhxMmU5em9vTzJjSXZLRVI1clJna3RBL1ZHQjNzQVNERXZFd3NhVEJSaGJucHozdisydFppYTdPa1czUnN3QUxyWFZaQVBwWE9PNHV4RE91cE44aGZyT3VrL2RNQUo1KzRsTWpGNTFLb0NVVW5WUXBkVXB4QjBUeDBjNVhaWFljeGlVb3JQVnFJMXNaaEp2Rml3V1R2NElsNVVvN3hOVGNxaXRldkZGVWI1ajZDRFRGZGFXSEZWeEM5R1BvK0VhNDdHZjhzOTBmWTNsclp5R056TEQ1bnVyaVhqWUhiQU1IQkU0NnZwQ3pqYzJBRDMrSHR4UFNSSGlBM0Roaml0QXZBZz18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 409527
content-length: 0
expires: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 0B7F 35 B
266 B 315ms
106ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:59 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 cm
c.holmesmind.com/ Frame 0B7F 0
13 B 136ms
136ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:59 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 74AC 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2wUnbA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C633 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?m90rGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 14 Oct 2022 13:25:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 31ms
30ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 14 Oct 2022 13:25:59 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 301516
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 546C 0
0 56ms
55ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101301&jk=712957418404835&bg=!7O-l76vNAAYeOJy_Pjg7ACkAdvg8Wnr4DaU6wlMKrAaMG3NMNNDMwzX0PNf5thN3cN--I_46wfxxKQIAAABzUgAAAAhoAQcKAIJJ2-W5tvstPvnS1VVRFA1pgKVVas5IxKwZTp_rnm9lXJnacpOIESdXSEntfpnwlMj-ZLGc1DXBCiNn0TYAgmuyd47Eq8zERHR2poJykjawOO60XpdvmUXpTsiAD0MBDwaoTbUH1gro7bVbpNMeH_bS8hCgY-BFr6DVD2NSPkxjVPvpmQL08oG7lGf-JdcjbkRYtKttbnutUGvHY0n62bpW9DpO3EtDYXnIT3qGskPyLFUTpowAwYo0eDs9sXk-Pzn86u69zh9BCazY1qr9VF75modz_CFB5-71F1QFwJB26EO4SdA1mM2MKpRhD75-oUPkMGsVGEW5CQmTgfJ1r7wIF1ZVyd1Iyb92122EoZTbYCwpL0FlACkGcGeY1pke-cr8fkOlLQ9I3gOg-PNkpB_IETsktKWv9UaSJPXRO0mdx04WYp1pOwzYI_tIX2SdH5-XTa33IdoZk3lstDoug0JSRPuET38-G-jwmyvGWVGkq5Y92bhhhyhFWXBuSHYzfYCKvI5AFh7ofcZiV2LAipJ2RdcBMeKWBjxyaSF25LNSXwa-RE0JrSm-n99P1qa4OFAqfsnEdhdWQQ1WQarI0nn9LK2hleq9QlLdLn6Dna1-kEXFevzuPJaLoq1jQX1QBvNDQsta8cXNXWL-Qb73qajOs-Q3sMXGAzyDKZQyfMacJtZKL5tCsqfCG8kr53e3QoGrN6wQIKNAtiNffLeiL-w44Y94y8osg2_p8ariPhm7_SExizIpaqc2bBbef331CyA2E-j2-Xb2Z3T7S5H6OLqUcQteP0DPLR02En7V2N9JgxVap3GmXlMRGM7ASfkZZsWbe6tRvKMcPwABYaNQTXTRjHg1OldUgAb8EyfFJptJXEY6RrYk6T1eseDtSLeqOVsOmRcQ6jxFWZLpqCzrnrNeiGX6fBJI5KndKxxdULppCSmOT954s4QQpqvKxMRL7ZDf4pHjZ7LB8L9Zxl3J96OCoeV5j_nQj1FijTuzbOJOPbSH0urVZmUMkPkCAiH3y32x6tMge1iYKyQm2V5sufUQ3CiNpFD3SC05yCQqLG1-CswRo8WfEA9fnSs_8x5ndOmifHBfEzfWv3M095rJWnldw8wrf7fTTTGGZShvJgDJRPDWTdyrVKQ3bLJptq3iN0PxwOw_fTDNohTXd0Mh88eOgOIgcur-ZWXc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 617D 0
0 56ms
55ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101101&jk=3040222618160812&bg=!iIuli8_NAAYeOJy_Pjg7ACkAdvg8WuoG6LW00Or9UgbsGADsXhALjcsz6yfRhhsbYNUO2rs1rzFtxAIAAABuUgAAAAhoAQcKAAkuVLUYr18nhymZAvR28hOunl8iJPbDW4LHcnT9aZ8KR_xeJX0LGA9jh-O2D2umVkbLP1wM6IjJyXfZfar-xlDDjvDNaWy1aAm5q60hapML3f_c6UhcTORyvhyyHJQAVNeShq1y7kDHrYkDr0H4ADxzJ9hFmivjPl7nNGKrEq7QKl-FCgSRRRVo2jm8jlilooyGl5dFngKnm8RwD5oe6z6aQee_my1SXUrqeKhnAsC2n9QlTVmBfNHoaDOqAtQ8Motp35ZE7LoaAq4GJgCMt0kbAOxj5KNV3z2smxXpegeJVwvACEfSEnjKUCiO7Zwl6A2GQuavyOI2Q-AlWbEwOY6m547-kvhPvQceLkk0eZf5xiHcbB9F09Fvajfk3IHDSK4MCK-Xm3KUlA0A6GpozpMfjgVqokMZUa5xzV4jEGe8aTcvIK1GI4EXikdyxv8-866Ydh-zGKysfk6uDvpXvNY8nxDdh-RG25p5viPpJxsbi2I3fwvMqNQrysKbpdbOGCp5U0eO9Ah8KTuHthT_OGT2bKl5IHJW_egPIhAB8ZAnNIFah0RJjYc6VftzOCpLEqIeOOMgHpsheOSniN44iRgeDlZ-c7789SWymagGY6nDSUfhmqsTyjVlPVbM-QzHXoMl8a9KuBm9PBfFVobJzReDGInWMN6pj2GMhkmNSSdbbbw8Vo1nJETQ72_E9TGETueqWaQlY7Lj-IWLiwYydfsd3dWSFHNG4tc_OYAz9cUd_OAANJ2m2LL0ys0e4JPPOvI6f0u_VhZKnFLYOyonEJJZW319kqpknu6dgi3KShd38QdR44HRM_UJqLNNKclV3-ImpG_kE0nq2LbuVFcLLY0TlYr0m61PimLDkA09l0_yi4ll-O1WuSMO5uzahEYo4KW2sg9blJGWBH-pWoofxBuoWSpB7Cf3KJ1hAiMrvxMYYNYBEia_CDU5pqoxshzb5PNBznqYv4C6kc3cWBWAc7Xa4Pu8e8pUQuO28YlCWP-KuzfJlK7Q-LF5Mifq4oBDMiE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5ZKdwnU14E9kbxS0oG3S0H8-7E2swdq1iwmE2ewnE2Lx-0iS1AyES0gq0Lo4K2e1FwbO&__csr=&__req=2&__hs=19279.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1006391262&__s=%3A%3Ayuy5h9&__hsi=7154358756411629023&__comet_req=0&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 16:18:33	Name: _ga Value: GA1.2.1639071381.1665753954
.reurl.cc/	1970-01-20 06:44:00	Name: _gid Value: GA1.2.180409045.1665753954
.reurl.cc/	1970-01-20 06:42:34	Name: _gat Value: 1
.reurl.cc/	1970-01-20 08:52:09	Name: _fbp Value: fb.1.1665753954231.1076959687
reurl.cc/	1970-01-20 07:25:45	Name: CFFPCKUUID Value: 2947-EryvUQXQT8deUslXm2d9wazBXT7vcMIf
.reurl.cc/	1970-01-20 07:25:45	Name: CFFPCKUUIDMAIN Value: 7193-QV3R0XgoyAyZJrPlKl5h506D7DaARwJO
.holmesmind.com/	1970-01-20 16:18:33	Name: P Value: 948814-C76ZXxTOtAM1A9fCVMI5bdAOFC2PypPB
.holmesmind.com/	1970-01-20 07:03:41	Name: Vision Value: 20221014-23:59,20221015-00,20221015-00,20221014-23:59
.holmesmind.com/	1970-01-20 07:03:41	Name: C Value: null
.holmesmind.com/	1970-01-20 09:07:31	Name: RK Value: null
.prnasia.com/	1970-01-20 06:42:35	Name: __cf_bm Value: tf2U96YXxV3UnVqdVviAQqlotmhx55Lwo6UZpmBp1P4-1665753955-0-Adm9STZnnegzMSqcdI3b7K0rGf/Le+sa9dwsbL+36aQ0aNXx9gNs2uHvHphIDL0X383UgPk3m+1F0S0XAAkQoYg=
.criteo.com/	1970-01-20 16:04:09	Name: uid Value: 2108a7be-51f1-4265-bfd5-e9e799392d7d
.holmesmind.com/	1970-01-20 06:44:00	Name: fcm Value: 1
.doubleclick.net/	1970-01-20 16:04:09	Name: IDE Value: AHWqTUnLkx5smGQEZa9KUolmr5w4VVi8Tkb896fZLJpUurBsXdYuLOH1ZxYksx_wMLI
.reurl.cc/	1970-01-20 06:44:00	Name: _ht_a546ca Value: 1
.reurl.cc/	1970-01-20 06:44:00	Name: _ht_50ef57 Value: 1
.hinet.net/	1970-01-20 16:18:33	Name: uuid Value: dd7d4f91-2e87-44b1-a56e-241cb5bc5343
.reurl.cc/	1970-01-20 06:42:37	Name: _ht_em Value: 1
.reurl.cc/	1970-01-20 06:44:00	Name: _ht_hi Value: 1
.scupio.com/	1970-01-20 06:52:38	Name: fxc Value: 1
.reurl.cc/	1970-01-20 15:28:09	Name: __htid Value: dd7d4f91-2e87-44b1-a56e-241cb5bc5343
.scupio.com/	1970-01-20 15:28:09	Name: gx Value: H4sIAOXTSWMA%2fxNmYGDg4uZ4cXFn%2f9Y%2f06wFWIVYOOwFmADFt1HZFwAAAA%3d%3d
.holmesmind.com/	1970-01-20 07:03:41	Name: R Value: null
.holmesmind.com/	1970-01-20 09:07:31	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 16:18:33	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.aralego.com/	1970-01-20 15:28:09	Name: gdpr Value: 1
.aralego.com/	1970-01-20 15:28:09	Name: sspid Value: 14891fec-26fc-3b95-beb5-6195d1143083
.aralego.com/	1970-01-20 15:28:09	Name: euconsent-v2 Value:
.scupio.com/	1970-01-20 06:52:38	Name: gxc Value: 1
.scupio.com/	1970-01-20 15:28:09	Name: OrgKeyValue Value: CSA20221014212557260256

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

247b4a89a0cf587a097b111c7d55eb0e.safeframe.googlesyndication.com
49e3a326-56ea-4719-b8f9-28877c3e4c8e.t.ssp.hinet.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
creditcards.com.tw
dd7d4f91-2e87-44b1-a56e-241cb5bc5343.t.ssp.hinet.net
eus.rubiconproject.com
fcm.holmesmind.com
ff09e735f99011fb9484302dbfe4b294.safeframe.googlesyndication.com
fp.holmesmind.com
geo.yahoo.com
gocm.c.appier.net
gum.criteo.com
hb.aralego.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
mma.prnasia.com
mug.criteo.com
pagead2.googlesyndication.com
pixel-apac.rubiconproject.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
reurl.cc
s.yimg.com
scontent.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.rayskyinvest.com
www.facebook.com
103.132.192.30
13.32.110.16
142.250.184.226
142.250.186.130
162.210.196.208
172.104.121.22
178.250.0.157
178.250.0.165
192.0.77.2
192.0.78.236
192.0.78.244
192.96.200.41
203.75.214.136
210.59.219.175
210.59.219.180
210.59.219.181
212.82.100.146
23.203.77.3
23.205.235.133
2600:9000:2057:8800:3:1794:2540:93a1
2600:9000:206f:8e00:0:e06c:e940:93a1
2606:4700:20::681a:467
2606:4700::6810:5914
2606:4700::6810:fc04
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::9d
2a02:2638::1c
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
34.102.176.152
34.117.219.39
34.95.67.231
34.96.119.68
35.185.130.121
35.186.215.140
35.201.76.93
35.227.249.156
35.242.224.42
35.244.196.223
52.198.19.32
69.173.144.165
69.173.158.64
01f7ed0e62ed4d71f152bace95f4fc8b51013053b6dfdcf83097d0fb5fe044f4
05d7b718b14633236a482ade1982ae74c25d2cfe73a43ca3e39840f6f093d71d
064b872dc62ac586dbb1c7c9c9d01b292df105e4d2f6ae624808f15eb300a140
07c45a609a459f5b5c1f27957d07dfbe043f5da3aad484fe991083cfe7c41f0b
0adb253f1936a498f71414d7807eb2feb8fc7269a8eda6146ef73627aa0ea898
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea
0f1a89ef64a5d0ffe85da9182cf068683678f5a37aebf6fad9a638ec73a98d50
116c47f47c23ab25ee2a2d95f8f03b295de00fd4b2d1d88164474e7a63733b0b
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
1898f9dc0d1a98c1664c9cb907d413db6308947cd1a90fc30522121407296af0
19ae2c9a18d128b94b61e26921bbf6a7b188a2c3c3bd9b8db30eb397f197528a
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e
1e3d72c653891925bf5809aa7714d93d01ad695d42962f467af70d90e2338534
20148056bcdde5d98665843a4c47b0d6cf3403f043265030acc58bc36d8e1b98
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
211d6dc20d58202a8270f43f611dcbb34b14f7dd96cd8f2a8cdb6b85c28cf3e1
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
23b56d8e72e99dcdb222d8a27949b10a2c4c9cefdfd6eed21373f10b62599183
27ddc909a924fa13e1c92c061f1efc24eb5851a8679a49b6d1cbf5b52a30bb1b
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2be2e25d143f6cc1a0c8ce24e587d41e6c9dc471bc529df34cf7f15a365faec4
2c5c8e621675cc15aacc7e1840199ce84bd380905aea2855e588c3f4909977cf
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3767d3fcc403ab0f4d4fffbe0ab115077b2416dc640c25e6e4751550a9dae2df
3b68ec3a198c29960b8ca0e6e88b60b98ea27741f1858b0f9a55076fa14e1719
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4083c413a545b161f44afea82b2273e4ea87086049c6fe33fea6e0e53cb1d782
41b2c8c215be5020e756d8dde6c738ba98ca3a167266a4f708fbb02299771d69
42773f46a67bdf5fe56d587858f6de72a15b737cc3e886650a84d52ad03206a0
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
489fd078e6787479e881dd925710764aa78451220d7dd096d3f6071252d4256b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495eec93b637fe3aa868998c1b0969fe95abaf838e55ded068b407cc898cdbfc
49712020cdf04c0161b3c7d60d9fa6c073388f2ef009bbad6c5edcf123fa707a
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4cefb409224d3dd42c55fb05c4e5689a70b00ad5bc88a6935240e0c99cb424a6
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
506d315d02544f0d8269f294f2da7d047af707dcd41db86012ca90dc1b4f78c2
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cea37ba4b4a7545b294b34cfc82339b661f891fcd64c246e3342ad0f7a57c1
55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3
571da35bdddda7ec4fccd594181c04e2c5db4285be67907abea45daad789ebf7
57bc1d7bd7bc75c12c5fe637558a2466ea3a65a141ac5ee863644514730cf9cf
5c1285a4ac2eadeaeb1861f7863adb0a97a0a601308d4247e7e81fd79fc611e8
5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e
60358587de5fb1bd7a36b3ac882aca4e84279ce113f7764a31f097cda568bdbc
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60bb1fd59bfdbf7d629a861cecc3e452939c05ff4aa2331beacb7aedf3cb951a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6787964c8351ae79de972d6416a4fd1979176942cfaff0db7077355fbcb33f79
689061066181e2f80c455652eb892d5f2753f4efe880ac9b8924e305f1952f4c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfa33ab7de129bdad9632dde00dbfb4d23274851974e04750521a148071a475
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e
78d3ab7a65e3efd63a917084af3b2b48bc1c8060c11c3114348eae55b7d2f5d5
8274947f071c5bd9734c5e970df088e184c8f463ca9b72688b43eaeab2d635fe
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
82c5cd73777ea3f737f7e91bd26ea61443a006401b575854d1e282b6d89dcc50
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8f85e51a2f3c094fe6816857f185ca3f81647b4a74c6b06dd0df82e1d7455771
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd
92a8294614a638705fea24302edd9455d684973044409f7dfa6d92709d82d856
951a6e72862f867fa7797460aac3c1e0d3b4d6993a86fbe78ca1a02a9ec688e0
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
9acfed27c48bed8ca914e0e37f67b2f1da363144e2929ef83279a704e3c94414
9cbcbc603a78025bcfe3e5c97f97cdc6d30d7db64df510f9ecae5b954cbbb843
9d40170d7d8a358119bd1d17ac95e9f1832114b4123629090737e9e02d323429
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5fc80af241aec02acf796b66c39027b469e8b54fd30519bb773908d3cd1f600
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a92379341fb4f1f929f52906cbed5f35bc474ad6e0dce7713768bc8d8c156af6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b089858662086aaf29d4f37d5cbd92faf267e7f9db55d13df5ec21229d2eb1b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cbb0a3fc338c889779e2fb023e61a1e039d238f5e42b3920413c83a0e3b71a
b234c6bfe9d63a346aed4bfbd378b08da6b116177443a3f1d9a9392c80451c21
b254af137ed556d3e226464d6ace4dc0ac788eed228329f66ecc526d48f4451b
b3105908d85e5136b409669ee0615fcd3b289a8cef67dc3e2fd77fe7481775e2
b34be52ea1e2b9c2a876b0cead7b97d468424a0788dc9257605c4264ae0bf5aa
b34e990bcdb512549b66a8703674635168434d960dd725e90285889f1336759e
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45f33e0ab42211e55e81ccddec427f0fb794b9e4e4df5e85f01514e23645714
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b875479d3102caea2e5486a5f53d3d6c465e097589f81c0cd19e14c4d6c9962c
b89712ce908492f885d992e366c8c6e35226ba731849c31526bb6450cbabaf70
b9f2503399472bac7925ee09d716a23a824634bab7ed8b0c091dc5946c71176c
bb6be28a46880e4ce37ef1ab3cb4989172903dbff0c9fd20f9097f352476a880
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267
d295ad9799d17401cc653b47a5c27bd046fe89512861221f1bc6b6738d31a060
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d636da1b7179999d5693d06c19c98ddca6d29440ce33ce5b5d95894cd964a764
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe
dafd0e1a677a84abf3626d7123b1bcdf332d233f8be42b22577ac2383b095d4b
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de4074357122f6dcee51fb5b3b39d3ad99a460316bd2f9f0a477faf0c1bc3135
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40454facd032aa173960f7cdaa006390b705ac2bd0e3f3b3fea207d5e82de4e
e7089d14066d9c1d86d709d695815d1c2c31be3ecc0618419ba2ac78a5bdc878
e78318eb187448f7648760643d7f71d232fe6976d5e67d2b00d14781373fb039
ebfe637d0f6358ff6dc963745397901dd6a738cf07b7234b5004777fadd58f64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c
f6f4ef93cea14fffb727a602b9fffc2f4be872f95ba4addc2ad1bd06b4fe4f03
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
fa8ffe2bdccaf5c1dbde556ca9f6bbc2ec06d87b6e2ea127069ee7d305fced0a
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fd70d83d9ec79862ef95ad384283c5a856bc0c282724291e7f46541f4a523381

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

306 Requests

93 %HTTPS

42 %IPv6

33 Domains

61 Subdomains

53 IPs

9 Countries

4887 kBTransfer

8685 kBSize

30 Cookies

20 Outgoing links

Page URL History

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

93 %
HTTPS

42 %
IPv6

33
Domains

61
Subdomains

53
IPs

9
Countries

4887 kB
Transfer

8685 kB
Size

30
Cookies

306 HTTP transactions
2 data transactions