Report - reurl.cc/gvjOLp

Report Overview

Submitted URL
reurl.cc/gvjOLp
IP
35.185.130.121
ASN
#15169 GOOGLE
Submitted
2022-12-09 02:37:14
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img.scupio.com	59744	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	146 kB	143.204.55.37
blog.alphaloan.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	651 B	127 kB	192.0.78.236
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	25 kB	142.250.74.162
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.156
fcm.holmesmind.com	119257	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	561 B	34.95.67.231
reurl.cc	115186	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	1.7 MB	35.185.130.121
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	35 kB	216.58.211.10
www.rayskyinvest.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	540 B	63 kB	35.197.227.153
t.ssp.hinet.net	79300	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	87 kB	203.75.214.136
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	35 kB	172.217.21.162
eus.rubiconproject.com	556	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	928 B	11 kB	104.88.9.101
wp.re-news.tw	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	685 kB	35.185.136.122
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	1.1 kB	142.250.74.162
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	56 kB	151.101.193.229
prebid-asia.creativecdn.com	14308	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	1.2 kB	103.132.192.30
creditcards.com.tw	133234	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	505 B	49 kB	192.0.78.135
ag.gbc.criteo.com	5925	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	2.3 kB	185.235.84.165
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.5 kB	13 kB	142.250.74.131
external-lcy1-1.xx.fbcdn.net	24148	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	56 kB	157.240.240.1
6bb7d3cf-e931-4d7d-a9c9-0234a48f315e.t.ssp.hinet.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	338 B	203.75.214.136
gum.criteo.com	381	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	88 kB	178.250.2.146
tpc.googlesyndication.com	126	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	18 kB	216.58.207.193
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
static.xx.fbcdn.net	661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.5 kB	404 kB	157.240.221.16
prebid.scupio.com	58537	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	1.4 kB	210.59.219.181
video-lcy1-1.xx.fbcdn.net	20274	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	71 kB	157.240.240.2
match.adsrvr.org	349	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	436 B	352 B	35.71.131.137
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	14 kB	23.33.119.27
i0.wp.com	3021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	211 kB	192.0.77.2
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	95.101.11.115
sync.extend.tv	1647	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	668 B	18.210.31.97
www.paypalobjects.com	1467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	2.2 kB	151.101.66.133
adcdn.holmesmind.com	122953	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	23 kB	143.204.55.65
dmp.brand-display.com	1834	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	711 B	34.111.151.213
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.9 kB	104.18.32.68
scontent-lcy1-1.xx.fbcdn.net	13813	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	45 kB	157.240.240.1
p4-f2hyhjpf3kzqu-ewnn6utaftsrgvu5-if-v6exp3-v4.metric.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	543 B	1.3 kB	142.250.74.131
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	29 kB	157.240.221.16
ad2.apx.appier.net	33126	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.2 kB	34.96.119.68
rbp.mxptint.net	5545	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	911 B	4.78.226.234
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.77.40
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	4.6 kB	192.124.249.36
pixel.rubiconproject.com	314	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	711 B	213.19.162.80
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	42 kB	34.120.237.76
ad.holmesmind.com	82642	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	66 kB	35.75.34.66
ocsp.publicca.hinet.net	350440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	7.6 kB	210.71.154.18
sync.aralego.com	1930	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.1 kB	192.96.203.13
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	779 B	216.58.207.194
cdn.holmesmind.com	127584	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.9 kB	161 kB	54.230.111.38
c.holmesmind.com	92436	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	818 B	9.0 kB	35.201.76.93
prebid.cht.hinet.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.2 kB	203.75.213.62
cm.g.doubleclick.net	202	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	465 B	1.4 kB	216.58.207.226
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	539 B	142.250.74.164
gem.gbc.criteo.com	6039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	10 kB	185.235.84.148
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	729 B	3.9 kB	151.101.66.133
hb.aralego.com	14412	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	348 B	162.210.196.208
gocm.c.appier.net	2213	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	2.2 kB	139.162.40.113
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	697 B	555 B	216.239.34.36
secure-assets.rubiconproject.com	1057	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	538 B	284 B	104.85.187.217
static.criteo.net	652	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.8 kB	178.250.2.130
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	12 kB	93.184.220.29
ad.sitemaji.com	72379	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	6.3 kB	35.186.215.140
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	80 kB	142.250.74.168
dnacdn.net	3760	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	3.6 kB	178.250.2.146
sync-tm.everesttech.net	552	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.2 kB	151.101.66.49
rec.scupio.com	99638	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	414 B	210.59.219.175
bw.scupio.com	111454	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	7.6 kB	210.59.219.180
token.rubiconproject.com	671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	212 B	213.19.162.80
status.geotrust.com	3662	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	797 B	93.184.220.29
pixel-apac.rubiconproject.com	26759	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	237 B	69.173.158.64
img.gbyhn.com.tw	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	467 kB	188.114.97.1
bidder.criteo.com	750	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	3.3 kB	178.250.2.131
img.racingcharger.tw	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	159 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	reurl.cc/gvjOLp	PayPal Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (266)

	URL	Size	First Seen	Last Seen
	cdn.holmesmind.com/js/appier_mainV3.js	6.7 kB	2023-03-08	2023-03-12
Pretty URL cdn.holmesmind.com/js/appier_mainV3.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:57 Last Seen2023-03-12 08:11:36 Times Seen1 Hash dfd6bf39aeff48b2d3414a18a5a4d36e 1507814cdb7f990254873371a6fe7d3734c00d03 7d1b32ac68941e60bacfe0ab1c5eab749868a0278495eaf50a17da2c95b8f3e1 Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	74 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:57 Last Seen2023-03-08 23:12:57 Times Seen1 Hash 44d113c3165e0fd136635cbce938587f b1a8588850547bf2af976c2033e75797a4c2c4cb ec5bd72559c0f150876d5ebc6980940b1ba3bfa72f12eb7e160257b0f672e62d Loading...

	gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc#%7B%22uid%22:%7B%22origin%22:0%7D,%22lwid%22:%7B%22origin%22:0%7D,%22bundle%22:%7B%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22origin%22:0%7D,%22ifa%22:%7B%22origin%22:0%7D,%22tld%22:%22img.scupio.com%22,%22topUrl%22:%22reurl.cc%22,%22version%22:117,%22cw%22:false,%22lsw%22:false,%22origin%22:%22publishertag%22%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc#%7B%22uid%22:%7B%22origin%22:0%7D,%22lwid%22:%7B%22origin%22:0%7D,%22bundle%22:%7B%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22origin%22:0%7D,%22ifa%22:%7B%22origin%22:0%7D,%22tld%22:%22img.scupio.com%22,%22topUrl%22:%22reurl.cc%22,%22version%22:117,%22cw%22:false,%22lsw%22:false,%22origin%22:%22publishertag%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	reurl.cc/gvjOLp	296 B	2023-03-08	2023-03-08
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:57 Last Seen2023-03-08 23:12:57 Times Seen1 Hash a4bfb188825047c4e3c17b9c3c36ae26 8b8c479001bd354932b9289552ddad15bb85987a 46c0914265a19b433ac40a5f9922a36f6d0de510a5289be84ac3817a1b348218 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId	10 B	2023-03-07	2024-04-25
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-25 10:47:21 Times Seen14099 Hash 91b3d54bc665b27a303ea5103da4f0b5 1ea644a3b2b1e427686c79e379e4074d576e732a 8c946addeada771d3dc6866cc23be2d1ef3f84b0ae6a98989cbf25b1a9249a61 Loading...

	static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz	30 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:30 Last Seen2023-03-11 23:50:47 Times Seen1 Hash d3d73df59a6e5b752c5e1d3b34cb4b4c c9da7b5e313b00f59f9db7d323cec77d6c6145e4 f36dcf7937befedc715a161425fa4e411794a72a5153471ce72f4d0f91231cb0 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId	22 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:57 Last Seen2023-03-08 23:12:57 Times Seen1 Hash aba8e626b1acb6c78e6d4ee1a8c72165 3c9d6405523f1c5f54c8f09f1493166c5142899d 82e3326d40d3d33a9b2ec81025647f41bf4d28981a4f148febd6b25e7ff79283 Loading...

	cdn.holmesmind.com/js/modle/v/v_sdk.js	192 B	2023-03-07	2024-01-06
Pretty URL cdn.holmesmind.com/js/modle/v/v_sdk.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2024-01-06 09:45:54 Times Seen13 Hash 8644272abfaa44219b2ed3d118b43dbc a4f4ac8d9323e3ddc5d4579bb08345530f63e38d 7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546 Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36e593a17c85d6%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ffbe43af709a376%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	391 B	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36e593a17c85d6%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ffbe43af709a376%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 941a0c63c083f7906360f4da1f4ec419 81e2d4ccd8777365d48412ff424760860c22abd3 464f0c6c568930c09f3c56741d64f1916ebaea5c64ba0fb782a70b80858a417a Loading...

	static.criteo.net/js/ld/publishertag.prebid.117.js	89 kB	2023-03-07	2023-04-06
Pretty URL static.criteo.net/js/ld/publishertag.prebid.117.js IP 178.250.2.130 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-04-06 09:19:31 Times Seen66 Hash a6280321a833a10d634984b85cb1c573 71b656b01a6ae465c1f6285a9b90fce7d4fbb33e 90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e Loading...

	reurl.cc/javascripts/renews.js	412 B	2023-03-08	2024-01-27
Pretty URL reurl.cc/javascripts/renews.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:03:18 Last Seen2024-01-27 10:12:13 Times Seen47 Hash 170a85ab984674d611158d24fdc58a02 6e6c6c0bb4d050e30aa8761bcf9aea76b93a4208 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz	5.9 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:30 Last Seen2023-03-11 23:53:02 Times Seen1 Hash e2629e00ff52c9be47641a586f08f82c 08d588734a11705c824070ef8f83468aea62609e eb3c7dcaabfe03ac2d7d3c41bb630dd73587b3f119962c536377e502e47f5df4 Loading...

	cdn.holmesmind.com/js/appierV2.js	3.2 kB	2023-03-07	2023-09-17
Pretty URL cdn.holmesmind.com/js/appierV2.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:34 Last Seen2023-09-17 05:48:50 Times Seen29 Hash 548ed610a8571343fb3022f543174735 2e9d891cd6e9345ab1b6489030b4a1ccff1c4e54 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834 Loading...

	img.scupio.com/js/prebid.js?v=5.20.0	242 kB	2023-03-07	2023-04-10
Pretty URL img.scupio.com/js/prebid.js?v=5.20.0 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:34 Last Seen2023-04-10 05:58:40 Times Seen7 Hash d406556a45e38a3f61a7c27a4f5038b4 7d0299afb2cbb9b7af409ad92053feabff9dcf4b 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d Loading...

	bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.6883085775780955	37 B	2023-03-08	2023-03-08
Pretty URL bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.6883085775780955 IP 210.59.219.180 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 10935c5d8cfa4db28f6e140c77ca2c92 3173a9e188c825ac14c7da81e41ee546607d5800 5dc73aad3ffba269d5404933e416df61e9a43f2b3184c6bb11c0d1847c1392ef Loading...

	tpc.googlesyndication.com/sodar/sodar2/225/runner.html	13 kB	2023-03-07	2024-02-23
Pretty URL tpc.googlesyndication.com/sodar/sodar2/225/runner.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-02-23 22:40:33 Times Seen4633 Hash 04889347291e33491547245846d18c4f fa0e1917fb2630c86eab067505751a72ba001c6a f4a5d6b45c241fa0ce6ba4ae8b035ad725d67c4091ce8a99bc9c2364295b8fd8 Loading...

	cdn.holmesmind.com/js/capmapping.htm	4.4 kB	2023-03-07	2023-03-14
Pretty URL cdn.holmesmind.com/js/capmapping.htm IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-03-14 09:43:33 Times Seen1 Hash 7814c634a85b13f27fcfe6a98338644a 84f43567fe445bf9f48340a518cedfd4881fec72 ae923c4e0f52601bcbe1af56442b985ec3bd815c3ee0787417001434759c1c47 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId	391 B	2023-03-08	2023-03-08
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 199a1795b9e52b5b2e385694a99d223e c991069e7e260bd9b1f3448c9cccf2cc531d0b58 d8a9ad2d84af04f83209f1133752b3a20da4ca63fc0158ccc47456b07ef16c1d Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz	57 kB	2023-03-08	2023-08-01
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:22 Last Seen2023-08-01 21:19:53 Times Seen729 Hash 1fd850c5d8a501f4a22843d01be49560 0e2a25e815b00a4526d0304075270c18b37456f5 de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb Loading...

	ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=177&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P	2.0 kB	2023-03-08	2023-03-08
Pretty URL ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=177&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 51a3a5fd69fd8c7860249b0aa47808e1 e6c319add0f73791a6df9055c7f4aca44bea03a4 22b61bc43edeb3ebbdaa1b47ef882663be3022861e158b3cf5705da23e6c0e34 Loading...

	img.scupio.com/js/adsbyscupio.js?v=1.0.2	4.5 kB	2023-03-07	2023-03-26
Pretty URL img.scupio.com/js/adsbyscupio.js?v=1.0.2 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-03-26 09:48:42 Times Seen2 Hash 94b934991dfef764e9f88f5e55fa7d7e fd7c65fc32cd603bda6acdb8ab4914d29d8f83d5 d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe Loading...

	cdn.holmesmind.com/js/edmp_init.js	662 B	2023-03-07	2023-12-05
Pretty URL cdn.holmesmind.com/js/edmp_init.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:34 Last Seen2023-12-05 11:32:39 Times Seen27 Hash f58f8a90686f8ffb3325107e8a788b71 d85d37486b87503e0631ff0ee83d95316783cf09 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c Loading...

	adcdn.holmesmind.com/adserver/Preset.js?z=14209	6.6 kB	2023-03-08	2023-03-12
Pretty URL adcdn.holmesmind.com/adserver/Preset.js?z=14209 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:48:24 Last Seen2023-03-12 12:58:43 Times Seen1 Hash 186d7ccbb1d308b59e82492c074575b1 5931c580f9fea3b61e38048f923cc2b3ee9e1b4a 26bebb3041ca9f054a20a3622385eaf9f8aa7a61b2fac7026111c9ebced41848 Loading...

	static.criteo.net/js/ld/publishertag.js	124 kB	2023-03-08	2023-11-06
Pretty URL static.criteo.net/js/ld/publishertag.js IP 178.250.2.130 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:18 Last Seen2023-11-06 11:27:56 Times Seen9 Hash 2368015de456ee305017059e5da20f56 894123fc4bc72430f714b694174f8fd4ff12a052 87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403 Loading...

	img.scupio.com/html/ad.html?v=1.0.65	273 B	2023-03-08	2023-03-08
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 8153bd85cdb3a6bb23b88dfdefd85187 0ae6a5b1dd9bb4ee9624b8e766d74f6e0d55090f 17900c939637fb58328c677a36c48bcaae8e1e6c93ae43c866c37aa86aca80fe Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	3.8 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 87820c822f9e9d8b14f339e30c6d4d5a b021236d93a2b6176144a3eff9ad1539ca69e136 d937b43a9ccd370d053337de2b2d65cf29effd4bf31be41e767358b76cb05101 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yW/r/vw4xTPlv-KJ.js?_nc_x=Ij3Wp8lg5Kz	28 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yW/r/vw4xTPlv-KJ.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:01:01 Last Seen2023-03-08 23:17:41 Times Seen1 Hash da641e4ed9dfea10828c0973041c8fd0 8f854ff8e3ffb218adc89e4fd4015a06641a16cf c88e291dcecd1cba257464f149abcfe2e0004876f2f679f5a5d66bb326ec357e Loading...

	static.xx.fbcdn.net/rsrc.php/v3ivrH4/yR/l/en_US/6izM_2jvef-.js?_nc_x=Ij3Wp8lg5Kz	342 kB	2023-03-08	2023-03-12
Pretty URL static.xx.fbcdn.net/rsrc.php/v3ivrH4/yR/l/en_US/6izM_2jvef-.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:18 Last Seen2023-03-12 19:25:09 Times Seen1 Hash b115de076effda8748e6fa2f5ef79637 68151e543d9062c8302fa893f02089a1d3398817 9bcee7bbeaaa3e2c96dc45fb01ec7fbc7df29b3ce4392509e7abc3b4156ac428 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yf/r/bByMZq44y2U.js?_nc_x=Ij3Wp8lg5Kz	1.6 kB	2023-03-08	2023-03-09
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yf/r/bByMZq44y2U.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:44:34 Last Seen2023-03-09 01:20:08 Times Seen1 Hash 8d2dcc45a353572edcc6cc48ea6662b7 6d31e62305d5a70798b3d5272a0a7aff4a11552f 19a8123c482a9d7f97a39ac9ec7cbbd53691d7baac725e4283ad4b0933e327f3 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y3/r/P5t729yxbG9.js?_nc_x=Ij3Wp8lg5Kz	354 kB	2023-03-08	2023-03-09
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y3/r/P5t729yxbG9.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:01:01 Last Seen2023-03-09 03:27:47 Times Seen1 Hash 7dae22f437e5feacdbb787a0265bdc06 f6d346ee9a8f91305a95f174ccb23c9ed9d195a4 b2b66a2e112b608d2e06d244b27b9eab950cf0ff7cb00497e868a09b89889cb6 Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	391 B	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 00f4a093672ab8a866a509b3f66f4496 8168b0c440d3f5402c679b7af26fa23138867813 ab9c64767a222fd520da851895102bed85f501b5332f2cdb4f5af06a1b9aba4a Loading...

	reurl.cc/gvjOLp	192 B	2023-03-08	2024-01-08
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:48:24 Last Seen2024-01-08 03:34:31 Times Seen23 Hash da7d5cafa13ff3708d8743db49d420c9 39b4f5d2461215205388d91ff38e4a0f025e8048 09509d41fdb0527d1492d1c4d04c9d2dab09ab125d4234ad981d22e07cdfd6be Loading...

	eus.rubiconproject.com/usync.js	34 kB	2023-03-08	2024-02-07
Pretty URL eus.rubiconproject.com/usync.js IP 104.88.9.101 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2024-02-07 05:06:21 Times Seen1 Hash bd37fd1cb645aaf22c585e72475257e7 b6ee26078803efc3cf2ea1b7fc6485ea99a29221 a8ce464c7b4aaec113916e4e74ddfbf43e536f769e4609dd67fbc1ea852a5d44 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	9 B	2023-03-07	2024-04-02
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-02 23:20:20 Times Seen2252 Hash c8308edb31948449adfea16b3e2d316d 38d59d97a7ea7498b50a40eabdfde6c3f446be3b 5c1324674560cf5a651810c1e7ad9643cd2472144d432b7a62a743a19f6f86c4 Loading...

	p4-f2hyhjpf3kzqu-ewnn6utaftsrgvu5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html	4.4 kB	2023-03-07	2023-03-17
Pretty URL p4-f2hyhjpf3kzqu-ewnn6utaftsrgvu5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:52 Last Seen2023-03-17 10:41:52 Times Seen1 Hash d828c73904f6478d0ab75dfa7113d9e9 5cdfe8ad7c199f1b8bec450d10c59996c0c252aa 62bd43fe6cedc84a05f5633c50f4a11cf623e26b7e82134c83c825db31fa5118 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y-/r/oOEvy0vWOy0.js?_nc_x=Ij3Wp8lg5Kz	17 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y-/r/oOEvy0vWOy0.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:53:00 Last Seen2023-03-08 23:40:15 Times Seen1 Hash ba172e7f5b84ed2e02baef563405785f 167ebcc86185d51a70a6206a8ac888ab81292b8e 2243c343ed1ee4bb189d314c8df1713b7adb33acbafcfbd3b86ca11bf4ace6a0 Loading...

	tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js	2.7 kB	2023-03-08	2024-04-15
Pretty URL tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2024-04-15 15:27:29 Times Seen2166 Hash 9ef158292b617d358506529b02c73629 843852d8addbf1a7f96c5607179e1c9423ed8a4c 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Loading...

	reurl.cc/gvjOLp	350 B	2023-03-08	2023-09-24
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:03:18 Last Seen2023-09-24 13:17:18 Times Seen16 Hash e0418abc96a203a41e289f8c81e9420f 5f1bb3f7f12fad1140b627d20648e59f7e9c7289 92f5d721b9b8c864f9e0ab42a274e43be0cc396ae54f17d0e9a6615d8754bacc Loading...

	reurl.cc/gvjOLp	296 B	2023-03-08	2023-03-08
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 0ca3a34aa01939ff4797cab6f5c68a70 feec3f9966724541e222e45663da59c694fec718 8ab030cb2046e91dceb9e4bb5727d3e44c8629af4a36a8a2067ee3838508c96d Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz	53 kB	2023-03-08	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-03-13 02:53:11 Times Seen1 Hash 73a0b1ff652307a0c4f80eefedf0674a 4972c74d05c51b1a6509ad59c145e9575efee260 dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz	22 kB	2023-03-08	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:01:01 Last Seen2023-03-13 02:53:12 Times Seen1 Hash 97c6c1a95e893d8c35b7ac6b3ae526c6 0f82859723cc0155e8df7b2e6543fa146c211734 7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61 Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36e593a17c85d6%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ffbe43af709a376%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	19 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36e593a17c85d6%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ffbe43af709a376%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 334b6d48e56b0699a1a8f3c268753eed 9de7e91f7ea0d9f81e55f264ac95aedafef75f72 90c3c8e6b57abddc41d19324715e612b1be1aa4dfab17eba8120261fcf08d7ec Loading...

	img.scupio.com/html/ad.html?v=1.0.65	318 B	2023-03-08	2023-03-08
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 2f08f6762a0de08657deee98dcdd4a8e 546c5fb6eab788ebb8e4f8484c1be30ba75f4197 eff649768b8805f91fb776618ebefea73a7ee042de8222fa303e0c09bf53fc30 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId	28 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 488e8db7623add2a2654d0eabc20e44b 0e7110bf6b409ae5310f78188bf3262fe5cf9542 031f8b7730b9051f10b84322f245f7efb42f2b65f489d4f4ac3a0b4e77793b29 Loading...

	connect.facebook.net/en_US/sdk.js?hash=84d59f82f1d5865076f0903c45504dc8	313 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/sdk.js?hash=84d59f82f1d5865076f0903c45504dc8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:20:14 Times Seen1 Hash e1d914c3510779dbf627ee46dec384df 2b27fd73c321072afc2334b33aec782590b9b4ea bb5f0cd691c56cfdb2b50c0532ab3a2fead75aae0edceb043c26623dd5d77e10 Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36e593a17c85d6%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ffbe43af709a376%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	74 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36e593a17c85d6%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ffbe43af709a376%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 788e5e321311456a983cdf4f563146d5 01324111f7021dafe620b100869d68f9c2824972 36cda483f3e782fbfb855fbf6d4ec3d2931100026110c7dbdf25d85c2d67c805 Loading...

	img.scupio.com/html/ad.html?v=1.0.65	192 B	2023-03-07	2023-04-05
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-04-05 01:40:50 Times Seen3 Hash 9716717ab8b6dd06cfcbb397cc08bd5f d50a5e6642830111460431804d19d3bed43dc80f 02587860edf782ab1f0f9bb5cc0b868ab8ce4537627943ae2840187b56ffd08a Loading...

	adcdn.holmesmind.com/adserver/Preset.js?z=13847	784 B	2023-03-08	2023-03-12
Pretty URL adcdn.holmesmind.com/adserver/Preset.js?z=13847 IP 143.204.55.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:48:24 Last Seen2023-03-12 12:58:43 Times Seen1 Hash f9fd4ba0d64074ed919d3fe26bb6e67a 91ea24c40760b65c60f271f98e3eb51c7f6937b9 5394648ec6d57a0077c7c0b8fa3bb894a86d224088c201c433a21bc58fd079f9 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz	16 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-03-11 23:38:44 Times Seen1 Hash e37926de3375cad5dc2702ad38268e66 a5e023daa2470168c04e893abe47f78620257865 544252bc5fc9db32935c1e4488107d2bf14f7c6c94d8d8c2cdb1fab30d587de5 Loading...

	cdn.holmesmind.com/js/modle/ade/ade-tracker.js	1.6 kB	2023-03-07	2024-01-06
Pretty URL cdn.holmesmind.com/js/modle/ade/ade-tracker.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2024-01-06 09:45:54 Times Seen26 Hash cc88de770769cdecaa524a5801120c78 5f25d39f00d22df5f4feb3059d9bc51805dade4d 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yR/r/-QN-nzq60hS.js?_nc_x=Ij3Wp8lg5Kz	159 kB	2023-03-08	2023-10-10
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yR/r/-QN-nzq60hS.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:22 Last Seen2023-10-10 23:03:03 Times Seen208 Hash a283be4b741d68408b6cf3f92783a4be bd229ea521701cf24dd930423adb083232d0e101 1bb42d969eda7fe4788b85587af74df0b29ce93e1adb938f825a103a8794d02f Loading...

	tpc.googlesyndication.com/sodar/sodar2.js	17 kB	2023-03-07	2024-04-25
Pretty URL tpc.googlesyndication.com/sodar/sodar2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 13:12:52 Times Seen17674 Hash 2cc87e9764aebcbbf36ff2061e6a2793 b4f2ffdf4c695aa79f0e63651c18a88729c2407b 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Loading...

	adcdn.holmesmind.com/adserver/Preset.js?z=13856	575 B	2023-03-07	2023-04-05
Pretty URL adcdn.holmesmind.com/adserver/Preset.js?z=13856 IP 143.204.55.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-04-05 01:40:50 Times Seen3 Hash a6b4508404053d31558a521a34a9ed8b 836eb7df5409c3751cb866554ef40abaa49f04d1 22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721 Loading...

	connect.facebook.net/en_US/sdk.js	3.1 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/sdk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 2a5c6beaf35a2f81d0761abbfe0fb14e b5bc6c4a47683418c60fde20eaaac51238385f16 1f8573c3f8a491cba54eee578b0473aefde67dba6161bf92b8096fcaf09189bf Loading...

	static.xx.fbcdn.net/rsrc.php/v3iuWr4/yB/l/en_US/6zXteePFTWz.js?_nc_x=Ij3Wp8lg5Kz	30 kB	2023-03-08	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iuWr4/yB/l/en_US/6zXteePFTWz.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:22 Last Seen2023-03-13 19:09:37 Times Seen1 Hash 3c52de4719cedb4e0c284d315a15c535 5e16eb7f87d79602452cedcb765d2764991b5696 f80371784c99feda620e495a09c85b2f1c5fd53f58f16ffe2705016007fb92af Loading...

	tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js	24 kB	2023-03-08	2023-03-12
Pretty URL tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:33:17 Last Seen2023-03-12 14:35:21 Times Seen1 Hash f458f507accf48c72fb80e2ba2f9f399 9359f3aba34e2459324ff54f6c2922c6201b7c60 86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a Loading...

	www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914	156 kB	2023-03-08	2023-03-12
Pretty URL www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:12:33 Last Seen2023-03-12 14:28:25 Times Seen1 Hash 471aeb0d2e2f3a3ef81b11a02ee731ba c711f0af4e9581f9797bc67fafb4afc38baaa07e 196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz	39 kB	2023-03-08	2023-04-02
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-04-02 21:25:26 Times Seen2 Hash d0096b3780248d2d053b1826ffa2e991 cb82a7cd24e2afb463141954d925ca118db6000a f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yF/r/Nb03oswepEf.js?_nc_x=Ij3Wp8lg5Kz	48 kB	2023-03-08	2023-03-09
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yF/r/Nb03oswepEf.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:18 Last Seen2023-03-09 00:56:34 Times Seen1 Hash f5c5408e3d614169b0a0d23b442b237d 45731c2cbc11dc8cd50475fd73292d37a71708c9 015264b4ac64ea0b74a7feb4fbaa92252dc6d7f6fc49966e80a4cb7d186dd2b0 Loading...

	static.xx.fbcdn.net/rsrc.php/v3ivzh4/yd/l/en_US/PIb-qR-KvFS.js?_nc_x=Ij3Wp8lg5Kz	706 kB	2023-03-08	2023-03-09
Pretty URL static.xx.fbcdn.net/rsrc.php/v3ivzh4/yd/l/en_US/PIb-qR-KvFS.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:18:52 Last Seen2023-03-09 04:08:01 Times Seen1 Hash 1e0802cdb1219058e3e7cc58e2a293af 630f314a85aabe569d296ab1801b62764c745bb0 b7023d833ace1dc8c9ad45e29212e7e086f7adf74662c1ac04a52242f5c410c0 Loading...

	cdn.holmesmind.com/js/presetfn.js	9.7 kB	2023-03-08	2023-03-10
Pretty URL cdn.holmesmind.com/js/presetfn.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-10 04:49:44 Times Seen1 Hash f4ecb431f211c53bc51427e18143e0c6 acbb444f864e8754e5a180a5914427b7f73eefd5 3045f705805167d3706eb0054924d90ccb21adefdca4bcbdf5038bb0f1b7ae82 Loading...

	cdn.holmesmind.com/js/criteoV2.js	2.4 kB	2023-03-07	2023-06-24
Pretty URL cdn.holmesmind.com/js/criteoV2.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:34 Last Seen2023-06-24 07:29:32 Times Seen22 Hash e8f33fcb581483ced4a09b3c8e7550e4 278fdeb6bf2871b7a3a3ca9becef10582e8e87e0 e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz	232 B	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:18 Last Seen2023-03-11 23:35:37 Times Seen1 Hash 9e9f7c79f2773bb18cf6ce4cdfa368ef 670d1cdcbdea9485d6a19b67e12f247a19cab3ec bf3e32d807092fa60d6a1cecb6b4d80ce20f1ce7b715a34707184bd31016e189 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yU/r/4UPyB_fNoOt.js?_nc_x=Ij3Wp8lg5Kz	1.7 kB	2023-03-08	2023-04-19
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yU/r/4UPyB_fNoOt.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:22 Last Seen2023-04-19 21:21:57 Times Seen40 Hash a5b4c29856578987e32f581315979327 cf586c43b66bf27c0d15dca3055427a01469998b e117ce508d22eab86014ad62c1fd47df471c2ed678e48591ca318a547b354b6f Loading...

	adservice.google.no/adsid/integrator.js?domain=reurl.cc	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.no/adsid/integrator.js?domain=reurl.cc IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	29 B	2023-03-08	2023-03-09
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:33:17 Last Seen2023-03-09 04:41:46 Times Seen1 Hash e1236ba0b449798bb4177d234608ad86 abe35544764dd37ffbb60fdd388556fb8cba8b34 8f0605eda0e66fa0bc00e0ad2fdeb3104afc2244464771f1ad7ecb813fe0f70f Loading...

	cdn.holmesmind.com/js/bridgewellV3.js	4.5 kB	2023-03-07	2023-05-09
Pretty URL cdn.holmesmind.com/js/bridgewellV3.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:34 Last Seen2023-05-09 04:38:16 Times Seen8 Hash c3b948e5a48dd0ec20c265d6d8da7add 9fcd995d80439c19a6f8202a181143167e709685 c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz	2.9 kB	2023-03-08	2023-07-24
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-07-24 09:19:15 Times Seen2 Hash 5c265611d85f826b5d835d77350bfed7 7ec19fb48396038e7794b597ae69202bd08384d5 5180e76115ebb9ef78950d34426aabe5ec6b1acd59a5f09b7291787ad3fa23aa Loading...

	pagead2.googlesyndication.com/pagead/show_ads.js	101 kB	2023-03-08	2023-03-08
Pretty URL pagead2.googlesyndication.com/pagead/show_ads.js IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 77e03418faf5366f359317a9815fb254 ade2e8efc349b632416561508bc59675b445c573 35e1a438332aa645fcc51dbbf61b22fb1c0c1fe4868e3091ce64c24e68559e13 Loading...

	img.scupio.com/html/ad.html?v=1.0.65	390 B	2023-03-07	2023-04-05
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-04-05 01:40:50 Times Seen3 Hash eede7dfe0c3aac8710aca386192acc0a e64d7882c9d650bee52c6de1cd5a03975f76d15e 3412a41eb7c89753d59810dcc5e5386ca7f2a9f0d762758e5cc6c84063aeb90e Loading...

	gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc#%7B%22uid%22:%7B%22origin%22:0%7D,%22lwid%22:%7B%22origin%22:0%7D,%22bundle%22:%7B%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22origin%22:0%7D,%22ifa%22:%7B%22origin%22:0%7D,%22tld%22:%22img.scupio.com%22,%22topUrl%22:%22reurl.cc%22,%22version%22:117,%22cw%22:false,%22lsw%22:false,%22origin%22:%22publishertag%22%7D	418 B	2023-03-07	2023-03-17
Pretty URL gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc#%7B%22uid%22:%7B%22origin%22:0%7D,%22lwid%22:%7B%22origin%22:0%7D,%22bundle%22:%7B%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22origin%22:0%7D,%22ifa%22:%7B%22origin%22:0%7D,%22tld%22:%22img.scupio.com%22,%22topUrl%22:%22reurl.cc%22,%22version%22:117,%22cw%22:false,%22lsw%22:false,%22origin%22:%22publishertag%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:53:17 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 72ad3a00c4af14e8c301e9eafbe741ea 63dc5435a78e8b86fb54fa8be021d2f54b1903b1 d05385301aef1a77fd22c1c56c08102835063c8221b753de58aff20a800c95eb Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	10 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 998ed46dc1edd0ad1c07ba87de724d08 759380381b0a18a41a981fa06b25d3f2c0188139 59a0c9fad328f9ab31668c8d03b3349ebfc5808610a5d5c989ea176d5e86788c Loading...

	cdn.holmesmind.com/js/edmpVL.js	10 kB	2023-03-07	2023-03-14
Pretty URL cdn.holmesmind.com/js/edmpVL.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-03-14 01:11:22 Times Seen1 Hash bb1f54e9cb2e7c9c3e3c1b5adae79ccb ed10616cb0b3952cd5caacccef973a65d57381b3 8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f Loading...

	cdn.holmesmind.com/js/av_old.js	4.0 kB	2023-03-07	2023-03-14
Pretty URL cdn.holmesmind.com/js/av_old.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-03-14 01:11:20 Times Seen1 Hash 77d512f8676b6b3f12cadd9df9d1a1e0 7be9bf092435fb955de1460df5a1e50144181c26 04431a827a36b70d9174180e526ed0000fee866c9688c4009da71d863d5bb73e Loading...

	reurl.cc/gvjOLp	1.4 kB	2023-03-08	2023-03-08
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash a98b5fc69afc29f03d992b322a6b009b d7c4c94d6f24b0e2c6c283f0176cd3ff91ba7548 57a989e501dbfcf0e319d021cad01eb66969342a9b88eda67765b39b7bd64b0b Loading...

	img.scupio.com/html/ad.html?v=1.0.65	50 B	2023-03-07	2023-03-26
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-03-26 09:48:43 Times Seen2 Hash d782fdc4f53eacecb7acaa7b47f5b4bd f8d11f702fd41695d8a56930f7be7b79a5f3ca01 fe36447cf3a1ba9d4122bda8516a00a5b2260a1a98dbb66ecf1af7a58bd7114a Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yv/r/yG5Ij0Oj5BV.js?_nc_x=Ij3Wp8lg5Kz	223 kB	2023-03-08	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yv/r/yG5Ij0Oj5BV.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:18:52 Last Seen2023-03-13 19:34:49 Times Seen1 Hash e809cf51b04aae235fe2a0396af7a4c7 f276ac1abc5bf766f4db2ee7f86d03a68ec96ab3 9ae5a9fac63ebb2e953b92a1986aa75d1a43fb31cfd8233ab1d4d95678fecb76 Loading...

	img.scupio.com/html/ls.html	1.2 kB	2023-03-07	2023-04-05
Pretty URL img.scupio.com/html/ls.html IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:34 Last Seen2023-04-05 01:40:49 Times Seen3 Hash 0ef78828b0a39fb21f073c3bd02205f8 46511582b6f773c6e700f8fd53920b7cee6aa2ad 842076462bed8d69b6b46beac0c9ee089dc5812be853bfb21d45d1e522542e26 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	91 B	2023-03-07	2023-12-09
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-09 21:56:02 Times Seen1361 Hash c82428a35f2157d1ffc58db62a62642c 23a3ba37c8219ada20ade938bf6ab027ddfaa32e c202f499070bf24f65287263b3c7fd4a221000ebc2e9a9eb1da84c48faf83f7a Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 11:55:36 Times Seen118694 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	connect.facebook.net/signals/config/1675200226052423?v=2.9.89&r=stable	26 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/1675200226052423?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 4bd61937258ab02bc5286bf02b1c809f aaee9ee8ee8c1e54f051111a308c5c4f5c1ffa62 d98788f1ac890a7d03deeee263708805d0f250d9baebdd32a86961dce722dd70 Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36e593a17c85d6%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ffbe43af709a376%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	81 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36e593a17c85d6%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ffbe43af709a376%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 4a67e1ffa2d45db608a11aaf68178146 a16d1b3964e4415324663da69900df4d83cb3cbe 32399d59ad454c9879c4fb8eec680a03de68eda5727ef3fb20cb516be9d48232 Loading...

	img.scupio.com/html/ad.html?v=1.0.65	899 B	2023-03-07	2023-04-05
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:34 Last Seen2023-04-05 01:40:50 Times Seen3 Hash ebb6c1fded9891d5a8691b481388ebc4 9f0959b893e6f7eb20f7cb56201133d4056e5260 49085bef672af70617e78f2b8f3647675eb25d9e708a6f22d5e1f279c45a0959 Loading...

	img.scupio.com/html/ad.html?v=1.0.65	318 B	2023-03-08	2023-03-08
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash c6297f7011ee7f5eacf1e96e89144bec 95ebdfae9e48628cc5cda53f5249a82740fb512b 0936dfb9ef9adc432f0508416a65040fa39ab3ca15099053ccb57be17ceab4a7 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yL/r/2ruvVqMV6iN.js?_nc_x=Ij3Wp8lg5Kz	182 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yL/r/2ruvVqMV6iN.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:17:33 Times Seen1 Hash 316ecf62e318b0ed57bb6a3690422f7c 6f4d4684cca9c88f356f7a32d4038fc2059cbb71 7e4f73cf076104c867ee0ebfd6d208e4d6795afdd4a8325f1ef92d4041f0aabd Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	19 B	2023-03-07	2024-04-02
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-02 23:20:18 Times Seen2232 Hash 65bb46e3f84073f672c022f98f42245e 2d0aed946f65bf94f57fe36798d2540727b212e3 375bc1a8808edc2a20b432f223e06e981b02feb9d34f558260aa537495f3533f Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId	218 B	2023-03-07	2024-04-25
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-25 10:47:20 Times Seen12517 Hash 23731f926ba1b7856c53bf9c572f9e96 52618c2e6dd1bce8956fd2e2872c524eb1fd59d6 dbf6a6f99233910115437a7d602f004b1287d55441d4f751d152bf216375c07a Loading...

	cdn.holmesmind.com/js/drawV2.js	10 kB	2023-03-07	2023-05-24
Pretty URL cdn.holmesmind.com/js/drawV2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:34 Last Seen2023-05-24 09:34:08 Times Seen24 Hash 84d8b1a745228113e60f5e62f0eff6d3 10cd995dbb7293ca49d9bdd93145bf12cb89bdac f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yR/r/BeAMf4eosqh.js?_nc_x=Ij3Wp8lg5Kz	228 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yR/r/BeAMf4eosqh.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:17:33 Times Seen1 Hash fca5e7f40e34aec510ffe39df073e698 4f39b5216cab4dd21ecefde34d82afaa5ef3e70a ce179c80162d056eb60064972ce7940f8bef143fd24ef6cc69b2330fa0616169 Loading...

	img.scupio.com/html/ad.html?v=1.0.65	273 B	2023-03-08	2023-03-08
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash cee2c2e5607f79f4f944838e9f2e68d6 848a9d3dfb299fb86206f1e3516cd7cd16b70b47 03bd77f25104c2cc68f3500c59ca19efbce98ae266301dbca8ef577965eafdb4 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1	383 B	2023-03-08	2023-03-08
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash b1f0affb5f127a09ec963b64db2c96e4 a02318d5d6e7d862cb815b7138a220ca5d2c1172 8522aa5500defdb8c69e98582d01bbd9fc76d5f82d6ed96acf1558872e822b4f Loading...

	img.scupio.com/js/ad.js	78 kB	2023-03-08	2023-03-26
Pretty URL img.scupio.com/js/ad.js IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:03:18 Last Seen2023-03-26 09:48:42 Times Seen2 Hash 2ff9a6730c6128f1a9f23a029cf2b00c 40f50dce085f2befce9b25f21eddd5c709c74f07 0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea Loading...

	static.xx.fbcdn.net/rsrc.php/v3iEBX4/yg/l/en_US/L3rRYxmZ_M5.js?_nc_x=Ij3Wp8lg5Kz	24 kB	2023-03-08	2023-05-04
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iEBX4/yg/l/en_US/L3rRYxmZ_M5.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:30 Last Seen2023-05-04 01:42:27 Times Seen68 Hash 733fb94c86e278fc05839fa730dd6113 f311c9ac67c05b11ab7aa5b9e9306e87c7c730ba f5071e7eca8991d4df7edbc3b6724f1c09bd6180de11e719a3a3a84ee6337840 Loading...

	reurl.cc/gvjOLp	296 B	2023-03-08	2023-03-08
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 68cedd42d072c5cdfdbb1f4d69f9c17f 7eea25c12bd1502fc77008d83754fad794a61351 f09d511669790426a09d871d52d497e75d760e05654cff2626057e3e57a7b24d Loading...

	cdn.holmesmind.com/js/prebid_mainV3.js	2.9 kB	2023-03-08	2023-03-12
Pretty URL cdn.holmesmind.com/js/prebid_mainV3.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-12 08:11:36 Times Seen1 Hash 74ebdc32f6914abe676de8f39ed18139 8473a18aa59f435f57e4c45b48243bc5d6a657c4 60c625527519d2f5c9f477679106c665ccf15efd0083a01e42a404f3e70a590a Loading...

	reurl.cc/gvjOLp	120 B	2023-03-08	2023-03-14
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:48:24 Last Seen2023-03-14 16:38:07 Times Seen1 Hash 369957ece6660da3ce66c4d172bb10e5 fd6ce279d87f5355cfb8c961f470db0c4b3114c4 71896462cdb608d0e6f1f656efc17d5d93214e1197b43c2bf77249b1b3756c54 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y0/r/nBADLAu7euG.js?_nc_x=Ij3Wp8lg5Kz	6.8 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y0/r/nBADLAu7euG.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:22 Last Seen2023-03-11 19:32:17 Times Seen1 Hash 46036f092db9e8f014d5b54bf93bcd9f 3ec77ff3176f258960b46e005bcde185da4b7625 808f2b17ad36a59591b9eb42c704c588840eb8183fe72bc3d82d640fa7c1f556 Loading...

	www.googletagmanager.com/gtag/js?id=G-N394QBRGC0	229 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-N394QBRGC0 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash f2cdecd9a09d9ed28880fd0f94020cd8 97f46261d44c3ec5fd097a09b0c34611914294fe 04d9b386f0fd979b306e56b4b139a4140e370341c7d9d07f027ae022416afa36 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yD/r/u-BBUt81dFY.js?_nc_x=Ij3Wp8lg5Kz	63 kB	2023-03-08	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yD/r/u-BBUt81dFY.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-03-13 06:10:21 Times Seen1 Hash 1952218054365ea706d3df904d8aee35 b23d929365eba0be6daf6026f0f3605c8591ca79 640c1c9b54961c2788bdfe8b114268aa69cd7aca4fe82aa8530cadbd7c164d25 Loading...

	static.xx.fbcdn.net/rsrc.php/v3ij064/yF/l/en_US/uXn0gJ60BX9.js?_nc_x=Ij3Wp8lg5Kz	2.1 MB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3ij064/yF/l/en_US/uXn0gJ60BX9.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:17:33 Times Seen1 Hash 7b0de5a61a16272a53f0ef51c6fb31f1 e1f835f15b00d0a5c0d3ca67898da040dfd779d1 1eb9f84bcd7e86bfbdd3838f17a64a4b8db780a0ed48513c25a02229fd2f3608 Loading...

	reurl.cc/javascripts/pixel.js	429 B	2023-03-07	2024-04-18
Pretty URL reurl.cc/javascripts/pixel.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:12 Last Seen2024-04-18 08:53:21 Times Seen135 Hash 8db606ffbc89a5a15fab90b7aeb7a2e7 1ccf32ca6dbb1fdbc1b049246c08e9e5ddb8bf6f 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698 Loading...

	cdn.holmesmind.com/js/rtbhouseV2.js	2.8 kB	2023-03-07	2023-06-24
Pretty URL cdn.holmesmind.com/js/rtbhouseV2.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-06-24 07:29:32 Times Seen24 Hash 6a605eea47197fa280f27aaf1fa1521d 98323891b349b333d5aef521c4d33e1b8455e4fb d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc Loading...

	img.scupio.com/html/ad.html?v=1.0.65	2.8 kB	2023-03-08	2023-03-08
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 30381a47036e350416c2634392f722e3 c22af80b4a46c5bbb9126a6062b9e5f2f18a4f19 037869df6117ea6285c9686905383e64d84734beb40af329344350dc10aece67 Loading...

	www.google.com/recaptcha/api2/aframe	614 B	2023-03-07	2023-04-05
Pretty URL www.google.com/recaptcha/api2/aframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-04-05 02:12:11 Times Seen4624 Hash e9e28069c47a530a55f8c7e015a1b38b 2eced601ebdbe39ca274f61c71376ea4bcb8dfff 5fc84aaac11d3157f560666107a0551c67974bbd141130882f9579a5a92e0c52 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	t.ssp.hinet.net/utag.js	5.2 kB	2023-03-08	2024-01-02
Pretty URL t.ssp.hinet.net/utag.js IP 203.75.214.136 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:48:24 Last Seen2024-01-02 09:45:06 Times Seen87 Hash b0aa0ca8b41cb186d30846d772b29e42 cdbf56a9183b87a37e969ab1fcd8c57c43b728b0 9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b Loading...

	cdn.holmesmind.com/js/modle/Live_Streaming.js	38 kB	2023-03-07	2023-03-14
Pretty URL cdn.holmesmind.com/js/modle/Live_Streaming.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-03-14 01:11:22 Times Seen1 Hash b478631c17ab4e0fca2103e8d324981e 124b13c0f7e6864ebf791ceae590cdcf7abdbd7e e2ce48828cc513e392a4dbc14b34377b236a57fa1e4eea2862067724bad131a7 Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	19 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash fa6ff09750ae8b7b7d6a1311e5e6f626 8aa9a3cd5c7993e86d77d3a27ee6520b487816b9 e3837103311a1fdccab7e13a1ed327912adf46434e15a58a1bf31479756696d5 Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	81 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash 79b95e495d72b1afa53da69b1fb5d28b cbfb1a4cae6e71641d70055400f57092d87aff4b 00ff2e1cfd4707087ddfa2897b4dac63512200b5d9f8799d2752ce90b3ab5c11 Loading...

	static.xx.fbcdn.net/rsrc.php/v3i6-G4/yy/l/en_US/TNSDZqr5m9f.js?_nc_x=Ij3Wp8lg5Kz	147 kB	2023-03-08	2023-03-09
Pretty URL static.xx.fbcdn.net/rsrc.php/v3i6-G4/yy/l/en_US/TNSDZqr5m9f.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:20 Last Seen2023-03-09 04:08:01 Times Seen1 Hash d4c31d87e45b378562899b03697f19ea 44c7c8df2a59d92194ef0c6b381549d6e5dcee99 285c45d80a57c470d10aaa8d21110f0974a1340edae5fe5205a67ee8797a13df Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	431 B	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash a48b7d5c448ef849586824b2caac94d2 8e9085ce5a387ac2359d06c437694c8f3f95de5d a6a5e9314b4d29b33d7cc8ab9c1879661ff3d86d3c2794c108b53741083de596 Loading...

	reurl.cc/gvjOLp	861 B	2023-03-08	2023-03-14
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:48:24 Last Seen2023-03-14 16:38:06 Times Seen1 Hash de674f02b898192dbb8b7e56c7b71f2d ccbc1e32a9e00c6c73cbe9fae4d55405741804a0 25016a6f60cd49a996284f30a21adecf849480e1da4426f37eca22e80c77c8e2 Loading...

	static.xx.fbcdn.net/rsrc.php/v3iLl54/yQ/l/en_US/HKt4YSw6-gQ.js?_nc_x=Ij3Wp8lg5Kz	427 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iLl54/yQ/l/en_US/HKt4YSw6-gQ.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:18:52 Last Seen2023-03-08 23:17:33 Times Seen1 Hash a4073d42d3e0c2a36529b5d93e12ee76 8936c12574aeb46896530062f32c9a093816681d 0eebbc4cc9200d108c749fd928feb1574df56f4278c27de60c417ae6ae95efc9 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yl/r/tLLNGXNgkqj.js?_nc_x=Ij3Wp8lg5Kz	30 kB	2023-03-08	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yl/r/tLLNGXNgkqj.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:22 Last Seen2023-03-13 11:05:15 Times Seen1 Hash 3c0bb7994839e24b991a8342797a048b e856ce4f0598ee94b5d7c92c91e817195df9737f 949bea1eaa307c841786249c9c26a79074dc9bd45fa23e7e67c9f58961ecb4b2 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	667 B	2023-03-07	2024-04-02
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:12 Last Seen2024-04-02 23:20:19 Times Seen625 Hash 266fa50e801a713c1a404874cc1e21e5 9f01c436794411577f8137a87cdae54b7edb56f6 2264dec516e93bd143e1888320e2764d38aae7bb9aa3b2822c4095a6605f24dd Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 13:38:14 Times Seen37063485 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yi/l/en_US/y6tvf4GzSD5.js?_nc_x=Ij3Wp8lg5Kz	544 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yi/l/en_US/y6tvf4GzSD5.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:58 Last Seen2023-03-08 23:12:58 Times Seen1 Hash e9322396010a8e0fa8c687ebc95d527b 487c17e771c0743bf4f9b04ff9bdc75e7f23c33e 663d3de2c935779876697626d50d6dd2ac033393f8a14cf00a242ffda5a714cb Loading...

	static.xx.fbcdn.net/rsrc.php/v3i1oF4/yg/l/en_US/MSkkoKlulg0.js?_nc_x=Ij3Wp8lg5Kz	271 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3i1oF4/yg/l/en_US/MSkkoKlulg0.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:18:52 Last Seen2023-03-08 23:17:33 Times Seen1 Hash 48806cd484a1115f86ef65f90b36022d 7fff0a259cc33632f25ec98b18727271d7f7b0ec 89669940a06082ed59b7e3c88b93f18ffe7d15280d102dd6b0dd8d105edeeb34 Loading...

	tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/one_click_handler_one_afma_fy2021.js	35 kB	2023-03-08	2023-03-12
Pretty URL tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/one_click_handler_one_afma_fy2021.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:33:16 Last Seen2023-03-12 14:35:21 Times Seen1 Hash 22f7b8c921b7df7ac5ec850387249fb5 39dd57507fe6ad7786d4d08b5877af9f184944db 20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1 Loading...

	p4-f2hyhjpf3kzqu-ewnn6utaftsrgvu5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html	41 B	2023-03-07	2023-04-05
Pretty URL p4-f2hyhjpf3kzqu-ewnn6utaftsrgvu5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:52 Last Seen2023-04-05 02:08:04 Times Seen126 Hash 3771158c63956b18e3b6da88c49e1b41 04606f9af586fbc5e96418531d8801a18f7d957a bd6a7dfa78bde067000dca46cf0ddbd8cb19a81ea642b623a5613011d98502c9 Loading...

	pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js	37 kB	2023-03-08	2023-03-12
Pretty URL pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:58:53 Last Seen2023-03-12 18:56:13 Times Seen1 Hash 58f5bfb7814d97ff9f672388d0a5fae2 cd492c643629604dea1fe470f78b3a2ef4f6d501 cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94 Loading...

	reurl.cc/gvjOLp	296 B	2023-03-08	2023-03-08
Pretty URL reurl.cc/gvjOLp IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 40e08312945ed4e82b4d3398846f21cc e3e7b4727438500fa991326b3116e6bfc99b986d 65e948ca19be3eb562d9dd165649421cc420e9a285d5be590875d6bd47efe6f2 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yp/r/EzO7WFjRb1W.js?_nc_x=Ij3Wp8lg5Kz	97 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yp/r/EzO7WFjRb1W.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:18:51 Last Seen2023-03-08 23:17:33 Times Seen1 Hash c93c2a71372ec38d6d19d23df492335d d8c27f0aa5331814a82dd1898de266ad8064b46c 026b6b9d5a1df0b6b5286323f7013486a2d780ff3dda7432f3707fadc38be03c Loading...

	static.xx.fbcdn.net/rsrc.php/v3isbk4/y3/l/en_US/NtPZ7ermhHA.js?_nc_x=Ij3Wp8lg5Kz	319 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3isbk4/y3/l/en_US/NtPZ7ermhHA.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:18:52 Last Seen2023-03-08 23:17:33 Times Seen1 Hash 8983c49b60a58082ad579599ad0aede1 da17299fb74daed47539f3f27185284666f68e6d e54c6a62cb5de351bd46ea290383c874e076334d2d23f3a53a38e431e6d09448 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId	135 B	2023-03-08	2023-03-11
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:13 Last Seen2023-03-11 23:35:37 Times Seen1 Hash 807e7c8ebd1f28023e957aa8c9052035 1e5179c31fae4c1e2520b3550b585631523a54ab 33c9e422a13f04b91890091a2a2157d269adea587e524df1c3563d674dc6f3e0 Loading...

	img.scupio.com/html/ad.html?v=1.0.65	58 kB	2023-03-07	2023-03-26
Pretty URL img.scupio.com/html/ad.html?v=1.0.65 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-03-26 09:48:42 Times Seen2 Hash b1254d485caec383a8c4ede41da791c5 048175709a8edeca1a248a4320eab3509c805224 f9e0aa0514554d88e078e15aae503e9a3a63247d91acb1cbcc2424d982beca4d Loading...

	www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280	177 B	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29eb31f6882fe8%26domain%3Dimg.scupio.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fimg.scupio.com%252Ff2997bf21fe1454%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2F100076309821482%2Fvideos%2F3313141875600806&locale=en_US&sdk=joey&show_text=false&width=280 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 0480b7dc717767ff5cc833b265fd2703 3c77b303b64b16f0d7036040748c4c902d28d4fd d793b95632223886de7f504621030c9c75a58136ea31d3a0ddcf411f9f1a7094 Loading...

	static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/9dN_FA4mMHO.js?_nc_x=Ij3Wp8lg5Kz	7.5 kB	2023-03-08	2023-10-10
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/9dN_FA4mMHO.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:22 Last Seen2023-10-10 23:03:03 Times Seen42 Hash 15c1aa8eea5e27f133b179003998dcd1 ec75ab81d18acabe90bed5b99e067e7987290b2a 1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	5.1 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash df27db8ffcbf0f944538ca08b2e722f1 d8a4a51f9f8fecac3b1014a57fcc68330e9b7b54 f8437d110d7cce7fd92835b2907c211876ea9418887bee5f891af764153baec3 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz	507 B	2023-03-08	2024-04-25
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2024-04-25 10:47:21 Times Seen20701 Hash 759df6e181340ef0a76a1bab457ebb22 2afdfa1808428e97f7f8faea0624c8402956b04e 9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yV/r/dFWSN65aTLw.js?_nc_x=Ij3Wp8lg5Kz	378 kB	2023-03-08	2023-03-09
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yV/r/dFWSN65aTLw.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:10:20 Last Seen2023-03-09 04:40:04 Times Seen1 Hash d438dc3b12fe79f02c72f44bebb83956 942f1daa0bbaa7ff2334ac71b30324e57931e28b bdc0bab73fb6513cfb092ecf0995fbf4791a3bfb24dbaf2f8ae8d99f350c643b Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yi/r/E1W52zVMGHx.js?_nc_x=Ij3Wp8lg5Kz	65 kB	2023-03-08	2023-04-01
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yi/r/E1W52zVMGHx.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:20 Last Seen2023-04-01 11:22:15 Times Seen18 Hash ef09b8c17d45cff0d465603fe3b8dffe be38b656c479b8f06800a4a1ffef5459b7ab444d 19e6c62be760514e8846c3853afec5882dfaf81c1da4e374e3fc24630faf5a7e Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	7.0 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:33:16 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 8fb7ae1dfe264bede1883961836d18ac 388b325fea585e6780e0f30cb43a7df0f28b5035 7e206584502ccfa5cd025eb15a4534f380a0ff375e2d988899f7a668935e65bf Loading...

	reurl.cc/javascripts/loading.js	134 B	2023-03-08	2023-12-16
Pretty URL reurl.cc/javascripts/loading.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:03:18 Last Seen2023-12-16 12:50:21 Times Seen30 Hash 15cea07370297423ac71841f524f2164 ee1fb636ddfca8612895f953bb4c8b688ffe0c09 ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y2/r/1Uq8e-LKgSD.js?_nc_x=Ij3Wp8lg5Kz	322 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y2/r/1Uq8e-LKgSD.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.221.16 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:07:11 Last Seen2023-03-08 23:28:43 Times Seen1 Hash e95f49cc87be6ba2f379861535dafcf5 71b564bbd86ce03d3c6f834c95ed2410294a2a33 f0c7824a11029c3596946818f65ab07d85af309a1c667867f071064a672525dd Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId	43 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash ce844a75c23807e73edc32ed45a71d8b 55c71475a1c187718477076bff2c610b7ebe2a8d feed0b62ff33102a29e20fcd1f3f98cb788565d76bb19206f01a9f8221d74fd7 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz	25 kB	2023-03-08	2024-04-24
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2024-04-24 06:00:33 Times Seen1930 Hash d03405286255f92c495fb7cbeb7c9556 0fad02cc6fcfca74b57a1db092b5c16e4e9c0759 a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986	48 B	2023-03-08	2024-04-02
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:23 Last Seen2024-04-02 23:20:19 Times Seen928 Hash dfd55c442c4c64f52bdc00f1640365b8 185edf749dd7f7e9e306cbd66754014865913418 08ce2c892c70199949416429fdf400b479a4db4187524fdae6b84c9e9676281b Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId	252 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-03-07 18:38:30 Times Seen2234 Hash dfc334cd5201ae3c020f43848b1646c4 b951863e53fd874757a2d5a21c8739a4d3640947 6e28b909a82bf42f6a2b51d7bbdc3ecafc47cd43cd52d1a3b584250c2ae579fe Loading...

	ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=872&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P	2.5 kB	2023-03-08	2023-03-08
Pretty URL ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=872&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P IP 35.75.34.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 1be87cbeb41d5d797abd42424cd5627c a4c1646854824b5ea05e7ca87f0c8d61da5adb86 d41239d431adaa881a3d9f8e700ef3abe9c68f42913e071b116b4c4c699569ab Loading...

	static.xx.fbcdn.net/rsrc.php/v3i7M54/yE/l/en_US/UprCI8A8nVg.js?_nc_x=Ij3Wp8lg5Kz	140 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3i7M54/yE/l/en_US/UprCI8A8nVg.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 0fb6fd228af9fc8b79b2219ab14749cf 48c37efecd03b4eca88c4ab899bc993039fcafce 5443224a2c9a19acbd4c7205dcfac376b5014b48bf27675d97464951805a1aff Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31071250	365 kB	2023-03-08	2023-03-09
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31071250 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-09 02:47:05 Times Seen1 Hash 95e2ccd9df6c43ef323b9980d10b9bf8 0f5a3d627492a927644a424c6ce3abddcc67ce04 fe6b8148a4d3c4db8c4e988325ee2111a30b9a3765608eeef4bb885cd0e9a9ab Loading...

	tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js	18 kB	2023-03-08	2023-03-12
Pretty URL tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:33:16 Last Seen2023-03-12 14:35:21 Times Seen1 Hash 8b9321f847dd35f8b9d7bf4b2f2638d0 a54f3f434e62752fe4653c21b611eb729d56e9d6 000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c Loading...

	cdn.holmesmind.com/js/init.js	6.6 kB	2023-03-07	2023-03-14
Pretty URL cdn.holmesmind.com/js/init.js IP 54.230.111.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-03-14 09:43:32 Times Seen1 Hash 439e160b698f1ec2efb45c3b6cd6b265 7beee754ce93e58b7f321ff7b8b85c2ffda42a64 fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818 Loading...

	adcdn.holmesmind.com/adserver/Preset.js?z=14210	933 B	2023-03-08	2023-03-12
Pretty URL adcdn.holmesmind.com/adserver/Preset.js?z=14210 IP 143.204.55.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:48:24 Last Seen2023-03-12 12:58:43 Times Seen1 Hash af58803dca85ced1b5f8dfc60e218b62 66461df9c27d37014cde344700ba28430ac33b90 e0e1c20c2b43f156e52a318090077f333099dfa88bcab94d37f9aea7a4f99728 Loading...

	bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.4189874881359349	37 B	2023-03-08	2023-03-08
Pretty URL bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.4189874881359349 IP 210.59.219.180 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash aaedbe743d91af99e26c8b3c0647b4b7 fa218c696a1a880ee4c2c57a8c6455e508233099 33c34df47d71d6603647712549d21e6f7bb3663c75a278f6e3a7328086d3d596 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5b93c2da7b258caece71f19f661f19fd	330 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 5b93c2da7b258caece71f19f661f19fd d46ab01af57a490f545cf75ef5791dfed56e98d1 176be543419967232a00d57d5f3a8093617a2281de257924882c8c392b9c4e87 Loading...

	#2 Eval - f8a23514f972526e92679b3785d33ae1	89 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash f8a23514f972526e92679b3785d33ae1 7b1784d0f8c1e54d0561fba048ceaebd3800c7f4 b288a220ca48431cff79414a6e202dca10a03447627ae754e6356a9b303a0e5a Loading...

	#3 Eval - e440757435b66ed3077e4358903867c3	272 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash e440757435b66ed3077e4358903867c3 82c1d9495acf80c6fd4ed17b11fb337cb26e5c78 d4de03f9ddad3d2a5292296efc73f7358fbe309548071bab3523bc66005307d3 Loading...

	#4 Eval - 7f00ac8c93b5754d55fedbcde61f2f14	216 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 7f00ac8c93b5754d55fedbcde61f2f14 691ad95303213905b8d6ede569a243d5e824ed03 0b4a98cb05e35be9ee04496c92ba0af61555a7f5e863f80d554fa167bd9a4fd4 Loading...

	#5 Eval - 92c9e795a52d293a526e35a5f5b0e46e	47 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 92c9e795a52d293a526e35a5f5b0e46e af8e6839fa45126544d38f594094efc86d63fb14 bc133ede97756221ae8911f5ed6ec6624a8fad2efea763b1414e091cb5b27d5f Loading...

	#6 Eval - 8192c484afdb5fc21489ad746b9abf55	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 8192c484afdb5fc21489ad746b9abf55 857bfb6ec728ee920f068cc75d3269141959d857 1bb149a0fdcf12951f6262417b68e7e2753d61799afb8156ec2bc3bae419bc7f Loading...

	#7 Eval - 9387ee7421635e3aab9001fad317dace	94 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 9387ee7421635e3aab9001fad317dace f1d16782213fa88a129ba124030b3c817063900e 22e52dc78594b95bd527f44b3f38a73dfd513cef5154e661ca21e46bef540555 Loading...

	#8 Eval - d2deb2d6394b37882e2aad3749beaf28	356 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash d2deb2d6394b37882e2aad3749beaf28 759f077956bdadec597eddc78400e9bec27adeef 9329b73d7b7ddd03ee2c839e44496af6a5d829ef18fe239bacb0e62c2f6deacc Loading...

	#9 Eval - 1f14e172264a5a365c323283baf675f8	53 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 1f14e172264a5a365c323283baf675f8 e9c4889089f6a19208480f2de5507e2776560657 f4addbf368eafb5eab48318ab450366d4fe099778ff13435fd5ff05eb19a5de3 Loading...

	#10 Eval - 415290769594460e2e485922904f345d	1 B	2023-03-07	2024-04-22
Pretty Observations First Seen2023-03-07 01:11:47 Last Seen2024-04-22 16:59:43 Times Seen9856 Hash 415290769594460e2e485922904f345d 95cb0bfd2977c761298d9624e4b4d4c72a39974a a1fce4363854ff888cff4b8e7875d600c2682390412a8cf79b37d0b11148b0fa Loading...

	#11 Eval - 77233940214cd6138c81bc8eb19853c5	133 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 77233940214cd6138c81bc8eb19853c5 d230b28d18f2898b030fa5ae8f1ee9592aca520f a03f87afd64f5427efe3175c9566a924fb787c9bc16cba2d6b4fc168e09a899c Loading...

	#12 Eval - ae43506c449ef22b6966e14168e2ed77	39 kB	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-12 13:08:16 Times Seen1 Hash ae43506c449ef22b6966e14168e2ed77 339d81821b4d52ee13e70cf4b6ad07ce9bce163d 3bdf28396c0711bac5433621523385e528a7f60dc118742fced3cf183557755c Loading...

	#13 Eval - 474e6c59d39ab2b9f9eb79ab75b9da90	2 B	2023-03-08	2024-03-04
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-03-04 13:09:43 Times Seen863 Hash 474e6c59d39ab2b9f9eb79ab75b9da90 ed3ecb50026ed6678c2461bc4c914ecbdbecb738 30dbca900d1617441c40eeee84d3ad783dc9d0b4a1d572ac5882806229791cf6 Loading...

	#14 Eval - f9eab7a52fbda6f4788f438ba1a8da94	2 B	2023-03-08	2024-04-21
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-04-21 08:50:27 Times Seen158 Hash f9eab7a52fbda6f4788f438ba1a8da94 7abc8b445c35d211046a856f946dde96a8b48bf8 b3c51f8a64fa28ac50ec1233d1178413cc04536d4ae21bb290ffc8d053074456 Loading...

	#15 Eval - 46fee00be7a15b602d4649aaec4f14be	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 46fee00be7a15b602d4649aaec4f14be 30d5c4b091875a3d8c27d267a307d62cffdd770b 2666ceb18e8d35cdb2f8cae3690645adf88c9d20b9e136d3a6c3a4eec9be74b2 Loading...

	#16 Eval - 16e8bc967d7a534f2c6266e2777b519e	77 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 16e8bc967d7a534f2c6266e2777b519e 98cae512b60ae37ebb2565e778784cb5335eb6f0 9a832e9d4c19eb569cd9031b83e9ca148a89c2d88d234a6bd6af005d6bc92ccd Loading...

	#17 Eval - c1d9f50f86825a1a2302ec2449c17196	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:11:48 Last Seen2024-04-25 10:25:32 Times Seen8354 Hash c1d9f50f86825a1a2302ec2449c17196 7cf184f4c67ad58283ecb19349720b0cae756829 44bd7ae60f478fae1061e11a7739f4b94d1daf917982d33b6fc8a01a63f89c21 Loading...

	#18 Eval - cd241ed7a765abf9a51854586e4a6b93	557 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash cd241ed7a765abf9a51854586e4a6b93 54875ac3de269da4bf4be7429bd370a8368f62a2 e5259d064dc1c1f0630f461aeadc45637c3c84795bfe0c44cdc7a58fa4fb0ca2 Loading...

	#19 Eval - 4fe636bb1d28e4c42a955539aaef8e60	2 B	2023-03-07	2024-04-12
Pretty Observations First Seen2023-03-07 01:27:27 Last Seen2024-04-12 08:21:00 Times Seen36 Hash 4fe636bb1d28e4c42a955539aaef8e60 5591fb428144acf6c59d1ed3fca314271e5c31a6 0c089c69e96fb2c8e9ee984e8123a703772e55d9178db1343b3e34cf7b1652cc Loading...

	#20 Eval - 97630d950aa3ef2132577dc4cf71a1c1	209 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 97630d950aa3ef2132577dc4cf71a1c1 ceae18b27a869d5e517958fada09dfe6dd5bf3d2 7d0e3d5929f4d637c148cfb889f943d0dec353f04d1997c6472ef586e00076e3 Loading...

	#21 Eval - 9c1aa762193738c2e9bc75da4e1c5191	72 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 9c1aa762193738c2e9bc75da4e1c5191 fa223b694a0bd8f2c0e3d5e9a9eb982a567a9dd8 fc87b127f47d782750518ff6e97fcfb0949da9a5e228b8e0c0c2cdb08ad41b18 Loading...

	#22 Eval - d48a24ae9672ee573050e4d3aeeebe4d	29 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 13:12:51 Times Seen53198 Hash d48a24ae9672ee573050e4d3aeeebe4d 8f8c4d27852980a1ec5a8b1aba30769001314ec8 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255 Loading...

	#23 Eval - c663da401cf173784bd3d00ace1c30c9	321 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash c663da401cf173784bd3d00ace1c30c9 9bdddc3a1096ea04925679f9c3c38949b9237d0d 7f5d74cd3e4b01577558dfdc0fa57968dd377400f5788054b6dc4443147f306d Loading...

	#24 Eval - c3c2f1ea7d98ba8ac21ed962de473ff5	44 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash c3c2f1ea7d98ba8ac21ed962de473ff5 7b53bdc8ba81063ad6501e05438fcf21cd81d149 c7a31c6d71dbb806e9a54942f4cd3be459cacbee3b2b37c8b99c9086f8411102 Loading...

	#25 Eval - 583eb722b77d6c7791d1811f6a42450c	2 B	2023-03-08	2024-02-13
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-02-13 15:47:23 Times Seen778 Hash 583eb722b77d6c7791d1811f6a42450c d5f10c9bc8370694a415ccbaabcb062e36948c5a fc74181ece96ac0d3a8d14da85058f9a336cab3ea77d797cfbb9fadcf49e86d0 Loading...

	#26 Eval - 24cc3dc813f384fde380df619f1525cb	19 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 13:12:51 Times Seen48801 Hash 24cc3dc813f384fde380df619f1525cb 56399e3ce57ff98d68c7de98a563e572230dff6b 5421715bbdaf2550e31d10fc28d444310a8fe7147bbddecf0abb490358a1553b Loading...

	#27 Eval - 85a94610378e7e237cc730d80a5f03a6	166 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 85a94610378e7e237cc730d80a5f03a6 c4b07a5fe3a8100d459b539cfbb6011ea2697f70 ecc8484b6ec20e0ce46bbb4874d306234521b718e08fabf539c587291ab20699 Loading...

	#28 Eval - 9d07a947d9ce04208e4948d66e1e54e5	93 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 9d07a947d9ce04208e4948d66e1e54e5 422e5142e5eb903dfbd890e52436d4518b83d5e6 d647fcb4a8386bd05a52f7d1e11f09659a455a5b8a5e4903a09ce1e4b52b35fc Loading...

	#29 Eval - bae3f90cb000352645e35fad60da411c	35 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 13:12:51 Times Seen53235 Hash bae3f90cb000352645e35fad60da411c 00023f94c170125b979cb1914925d06ab1abfbce 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12 Loading...

	#30 Eval - 2db95e8e1a9267b7a1188556b2013b33	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:15:12 Last Seen2024-04-25 13:12:51 Times Seen10566 Hash 2db95e8e1a9267b7a1188556b2013b33 07c342be6e560e7f43842e2e21b774e61d85f047 acac86c0e609ca906f632b0e2dacccb2b77d22b0621f20ebece1a4835b93f6f0 Loading...

	#31 Eval - fc99dfc08b126c323e0e40b81cd72b05	156 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash fc99dfc08b126c323e0e40b81cd72b05 6f1c6ebf4a2d7b98db01402d17524aa99d031da5 1811be105e52eae6efacabce37d2b61d32429e9df2955bcc458a69257874fa1c Loading...

	#32 Eval - 25ec916d56b8212e569dbf2e4e4b51d4	2 B	2023-03-08	2024-03-19
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-03-19 02:39:23 Times Seen15 Hash 25ec916d56b8212e569dbf2e4e4b51d4 80d305c58f97edfae92a3627f5a66d9bef4d8d46 c8f48a68649d1cae147fb8afd54801e3e82622465c98ff1ee29075da2c201d78 Loading...

	#33 Eval - 1d71b736bd9494f61817374f5095015b	464 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 1d71b736bd9494f61817374f5095015b 4bbf9e9ae4f38bd6ce23b8ba1604ebc083c26dbf 6b82ddc59d8ef90397d39a25d5f6473795b0115e9edc00e28f51b6edae9e8a0b Loading...

	#34 Eval - b5dafc726433e35f61f2e867156e7974	141 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash b5dafc726433e35f61f2e867156e7974 443203e95c150209379ff7cd1e38cdb67175a7c3 f2441d8e6a831705e24d0c2d8adcf4d3342fd23bedd80dd4cdd1801c6101820c Loading...

	#35 Eval - 7944c26a406ca12f1f917116cdcc74a3	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 7944c26a406ca12f1f917116cdcc74a3 6a7d9a944fd636455006c5f90e6bec04137811fa d0f92c8f8e897c6a966e19048f7397f68fc31e78d11c890c156611eb7cc18d2b Loading...

	#36 Eval - b89fb5c484caf52fd686e263743f7f54	723 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash b89fb5c484caf52fd686e263743f7f54 7892121fad17f204f68b39c4e3fc471554c88339 112d702364dd979eb55299d5bf748cf9106702b9b55894677ed51094d85e7f23 Loading...

	#37 Eval - 30d5b99c654da853b920174227a214fc	82 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 30d5b99c654da853b920174227a214fc df1a886e5f0aa32d6e3efdc1b67dd1960d0a9c9e f29a9f09877d5eab4e39570c8e289b6f6a1a5ec1a9a9c86568e1f7f19619485d Loading...

	#38 Eval - 3a3375c990df534f7edcbe160b379a6a	406 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 3a3375c990df534f7edcbe160b379a6a 4737d593407ad9b1550d57d80e08eeaa0418cdf3 bf922f62830791627ddace9408a34c0e023b3b00eee2920c005aca94badfb328 Loading...

	#39 Eval - 85f77007a9e604394d9644ca16949ea3	131 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 85f77007a9e604394d9644ca16949ea3 62afc54ece0d00f56863baf5af99e264eef2f200 d197c8f5ff1a9997f6877478f67029e174d9eb8beff38afea9c3ed4c365911f0 Loading...

	#40 Eval - 3c19e7bf79c0cad4f3592b075fc29c32	2 B	2023-03-08	2023-09-19
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-09-19 08:44:22 Times Seen115 Hash 3c19e7bf79c0cad4f3592b075fc29c32 838ec76bd683cc94ebe655ef04656e6bd273bb03 43f02fcda5eca7b6d0d9c9b1fe1b75dfb5fca6b667b8fc5be65efb1804ba93c6 Loading...

	#41 Eval - c02fbe7cc8e67411dbadd81fcf935e8e	529 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash c02fbe7cc8e67411dbadd81fcf935e8e 0d31a50890d46debcace77647e96f70a15c5bb92 b787f63da2b2bcd8a55ab0d60e64aea4245bf24f5da937de68a713a7eede7687 Loading...

	#42 Eval - 0ac0dd65e82e143ab04d378a0133bf9e	2 B	2023-03-08	2024-04-15
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-04-15 15:27:27 Times Seen24 Hash 0ac0dd65e82e143ab04d378a0133bf9e 6fc823a7a2112f457790477915251a750c62eca3 fc7e9c0ba3b43a140aceeca91075b7c5fdfe7bdf09def12e521457d959370cb1 Loading...

	#43 Eval - 5ab0471d172cb45eacd93ded7611cbf0	130 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 5ab0471d172cb45eacd93ded7611cbf0 a8e8f5209abcb18cbd84e0623c8fc097b9cb82c4 01cc9298337bf742061782ba446349092669c4e3491add233c877c41b4ab8aba Loading...

	#44 Eval - 8bcc25c96aa5a71f7a76309077753e67	2 B	2023-03-07	2023-06-15
Pretty Observations First Seen2023-03-07 12:23:15 Last Seen2023-06-15 17:32:36 Times Seen2 Hash 8bcc25c96aa5a71f7a76309077753e67 f095160c09b366f6e7cf905fc1b6024f956231f6 632cd2fea71dcde005af4e07f14b8bc1f68b63d9c1b373dc6048fb87e90af22b Loading...

	#45 Eval - 5ce34759b9b46554064e2e2544b76187	214 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 5ce34759b9b46554064e2e2544b76187 170d49205ecb47855f571692dc83361649c84928 bcf1298eed87f800c444e6a7e403fcd1e2802ae8a99680a7bb8bd537117a8ee0 Loading...

	#46 Eval - 8d9c307cb7f3c4a32822a51922d1ceaa	1 B	2023-03-07	2024-04-22
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-22 08:45:31 Times Seen8236 Hash 8d9c307cb7f3c4a32822a51922d1ceaa b51a60734da64be0e618bacbea2865a8a7dcd669 8ce86a6ae65d3692e7305e2c58ac62eebd97d3d943e093f577da25c36988246b Loading...

	#47 Eval - 219de28d04a28434abf07f948a9c6b7f	274 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 219de28d04a28434abf07f948a9c6b7f 15f391bb90618af545a59dc9ab6606018360f4a8 ba9e66c7fc026f6bb7ac0c513ccefb9890b360a027b89a2ac1dff2c97780607e Loading...

	#48 Eval - 1d4095257d5e37a3bdfbf7d267a6cd08	79 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:13 Times Seen1 Hash 1d4095257d5e37a3bdfbf7d267a6cd08 8a3f11a723d02cbd99209e2ff6dec8408f5917af f51d568c66aaed844efd88697a7ec5478e2ce8789553487dcc10093ff501e6e1 Loading...

	#49 Eval - d8f9c224452ecb68eab1fcf40804a6ed	79 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash d8f9c224452ecb68eab1fcf40804a6ed 2b9b2137fb0cd4cc83418991512455528d7d764a 5259ebd3ef4b5c5275672dc6dcab0c4d671e6bb2cf9fffb28a97dd065951eab3 Loading...

	#50 Eval - 8a037f133bb0e8c182fc57d57b715447	143 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 8a037f133bb0e8c182fc57d57b715447 bbe078f115b90e4fd0e38613d1480e7b6f7a7094 46435e36cef2e9bf652f9b20ad854f74fbbdd03dc71e088aeaf52fc29dc5bfe4 Loading...

	#51 Eval - c50ffbfcf1f9cf454057c5b386187c9d	51 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash c50ffbfcf1f9cf454057c5b386187c9d b939b76ff37bc55f87dab13542349b10afbb4f12 cead81dc8de8eca67b094d289cd292b2c7d6006ee3a6786d75089b69627e4c84 Loading...

	#52 Eval - aca7d6df136cdb3bea789172e11bd7c4	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash aca7d6df136cdb3bea789172e11bd7c4 e3a9c4cae4746133ff8ef87e6e5837d92cbbeaaa 35a3f992447b5304a28b319bab35f4bf7914c68a9b00411d46e9cae803003874 Loading...

	#53 Eval - a8d34b6838393b55e63f616fb7c7d85e	252 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash a8d34b6838393b55e63f616fb7c7d85e 951dc6d0f48cd703ff8a30eb220713fedb765042 6397642823763622644f63797d9f017940aec04589701bf797efe39e3ec55467 Loading...

	#54 Eval - fa78929240bdae94cf899eaf3631df0e	140 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash fa78929240bdae94cf899eaf3631df0e d97b46a2ee74b2c11c0bda883911276cbd5e8e1b f1bc0396d5c7a0be469cc462d5a3ab737dbdf59b34757eae30a2c6a50545041c Loading...

	#55 Eval - d4f481b59fab6ecb6bbecb226bab48c7	354 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash d4f481b59fab6ecb6bbecb226bab48c7 99264fe47a0c6cad8b87d858a97e4920e642f7bd e77371160c28da068c1daddd7eee2f882b4b6c1291a3051d23d9e01f0c7bd8e6 Loading...

	#56 Eval - 4efc6436bf7fb6078171376735b85588	2 B	2023-03-08	2023-11-28
Pretty Observations First Seen2023-03-08 05:58:52 Last Seen2023-11-28 21:13:40 Times Seen106 Hash 4efc6436bf7fb6078171376735b85588 afe1b0e14f0fb9704af1bf8bb80899028773c93d 3c446a7acea9dcccc99fa1ad613808b2980d3b091867c91c49c4784e71549354 Loading...

	#57 Eval - 083d5545c464f4155420ea811429e099	255 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 083d5545c464f4155420ea811429e099 7d088922180968a1601a986b78186dfc34bcb126 a564cfc2295da0bcab0c0001ec76cd2cb28e6b380a5dcca7fa57a0ad5eac3553 Loading...

	#58 Eval - 4b866d82665b3bcd1f03e8c651d06a09	128 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 4b866d82665b3bcd1f03e8c651d06a09 96f345b717f6dde0f34c57deca3e4d8de9e54c52 eb31097a40e9f4eea82063869e362049a176d90febd58d24e52570d3c509dbbf Loading...

	#59 Eval - 6a7026b6354a0eab5d721970cdce909c	527 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 6a7026b6354a0eab5d721970cdce909c faaea0f7898cbcd9e7bc4a5b522507f3c83590aa 193b70d1e87b4acad166997e0401d5a85fb059be5fc3f06fa187d4bf6b99dca7 Loading...

	#60 Eval - 71805d10b9ea2a56437652aba0daf9bf	2 B	2023-03-08	2024-04-21
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-04-21 08:50:27 Times Seen147 Hash 71805d10b9ea2a56437652aba0daf9bf aec1474bc15922092bdcc0fe6a22b0993dc9fddf cb0f6349d7f4b961d8b4c8deb6f4744d68bdc98d27283aefd7b40869c9d0c2fe Loading...

	#61 Eval - be898e2f823f78c247fda9598e85bf38	165 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash be898e2f823f78c247fda9598e85bf38 bb4d87b1c68a52464e66c5a861eb0b173fef7806 7180da2abc994d2ec32de9668cdbda19e5da45348326b47e6a5858dd5f703436 Loading...

	#62 Eval - 2f41f4ef8979ab3953a20db62d77b5da	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 2f41f4ef8979ab3953a20db62d77b5da ddbffee2cd05f39732a031b8b5479b95f1e46796 cff9259f6da44140ce14576ca46634b13d87cdc9cbe8c63d1444f6ecf69b5921 Loading...

	#63 Eval - 1a3972b084f77cfe66220d0c0c5561f9	96 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:13 Times Seen1 Hash 1a3972b084f77cfe66220d0c0c5561f9 7d1fd851187b172758314e62476cd87d393fbbba 418de3a13680073fcb3efedc8710b0938518effaacd0dc53c9824265cdcbfe4f Loading...

	#64 Eval - 8a9dc886b54ceb7387c8c40273cd38ca	95 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 8a9dc886b54ceb7387c8c40273cd38ca 2ca5b1e999a1bd7c5290432b3995b25464f070ea f65f0bb25694a29f0a5ae83c4b47251ea00cf3cbe1dcb555b9c225f148f740ab Loading...

	#65 Eval - e24eec093f91ccfb0bfbf92fa539794e	70 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash e24eec093f91ccfb0bfbf92fa539794e f5871c7c06d57677e7e137d7e9f4e6a0e78dbefa e157a32d262dd9d09792c42b3441ce3eb2d11ca9955e7730c3dd9697b8ac7e1e Loading...

	#66 Eval - 37eb0f5d21cf9b646fcc7fed33099672	138 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 37eb0f5d21cf9b646fcc7fed33099672 02e51531080e79eb2093e4089eef39cf9c18b6ad e81df36e20659d8a472054a437f305d4a075506d36ac0d235ba656d3c6be0888 Loading...

	#67 Eval - f9307fb3de425a9c8904df8099db21b2	31 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash f9307fb3de425a9c8904df8099db21b2 f596838b5f50ffceefb9cd9e69d7841655e13825 f8638cf403131b54e23e2b09c19814edcdfb114c42cd62032f96d7782a2b5a2a Loading...

	#68 Eval - ac2e849c337a0f5ed74558ec110132c0	77 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash ac2e849c337a0f5ed74558ec110132c0 d089bcc25fa40d9ec784901f3eea3dc64e308512 f1d3e7c6103637ee7c73b495d1464eee3c5b289dec8a570743e32461e81e480e Loading...

	#69 Eval - 1c4176eb812faed22c5821ed53823336	2 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 1c4176eb812faed22c5821ed53823336 3e6fb38cc8a13f1359647e788a330d4a3dc2b6b8 d8f5a4e22eab4d17babacec1aeba331ebe2eae98344d73213f79cebd2d4cb07f Loading...

	#70 Eval - f2323161ffee07a37f458ad9d8e1b42a	250 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash f2323161ffee07a37f458ad9d8e1b42a cd54b8bf2a56e8996af3a016bff66d39dd514018 f313f2b9e30edda5e63bcea9c5880580cf0219d5c7f0b3710829742ebd291eb0 Loading...

	#71 Eval - 7694f4a66316e53c8cdd9d9954bd611d	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:20:09 Last Seen2024-04-25 10:25:31 Times Seen10954 Hash 7694f4a66316e53c8cdd9d9954bd611d 22ea1c649c82946aa6e479e1ffd321e4a318b1b0 8e35c2cd3bf6641bdb0e2050b76932cbb2e6034a0ddacc1d9bea82a6ba57f7cf Loading...

	#72 Eval - 87a47565be4714701a8bc2354cbaea36	2 B	2023-03-07	2023-09-29
Pretty Observations First Seen2023-03-07 17:52:42 Last Seen2023-09-29 08:38:56 Times Seen294 Hash 87a47565be4714701a8bc2354cbaea36 0f4d56d1e20778bf2e1052ecb3219509238fb660 24349c8054862cb8cbd4d857d096943e21434041ea744799074e2e28e753c14c Loading...

	#73 Eval - 5154ddb90b2d3fefe5dacf0397bb63bf	31 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 5154ddb90b2d3fefe5dacf0397bb63bf b1cb46d3074b1da4bef47fefd31ee7ccc3110500 a9028710b7006d32a5504fa4ae9da274a360d5c74871a256a0af10099235e389 Loading...

	#74 Eval - c98ba01b37e8ed5ca95b042f3259e5be	115 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash c98ba01b37e8ed5ca95b042f3259e5be 2bc278dd82e3372b80cf7fdb339f79b8d5343383 b1a91d9270591a5d486b8467d368c68e37338f82e3a3063db1c7c74e48598731 Loading...

	#75 Eval - be2761781d6e727a2a220609bd56dcde	725 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash be2761781d6e727a2a220609bd56dcde 94a08f2766ba75cc34044bc123746e40deea06e9 7739b6e02de13d05cafbc2aeec5dc4c26f8d40e846ff2ee51e06fe2998750d94 Loading...

	#76 Eval - c074bba1840d44dfa7d9738ddbc83e59	79 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash c074bba1840d44dfa7d9738ddbc83e59 341003009c03427e69f9a3ef953467453db6cf4d 2bf0e4efd925fd3e9d5b0ebe32b887db28ede52b39006056f173c92e78f88194 Loading...

	#77 Eval - ae2ceda60db397ff5031547e2eb66122	132 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash ae2ceda60db397ff5031547e2eb66122 d625f251252969422c87a5703043197a0022ed52 92f822f2032a25631b3c64f1bb3625b2439863acb5fcc6ab9619ab4be29c8af3 Loading...

	#78 Eval - 68308c54b2669f0acce12671bbd5f775	291 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 68308c54b2669f0acce12671bbd5f775 cb745c34e88c9b95455b530bc22f43db04f78864 5af6c7c4f4f179c0e1aee1832fd44a83a0ace2eef7ab06e623ca345f69bd639c Loading...

	#79 Eval - ee6d621e21b81e443fe70914f972143d	31 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash ee6d621e21b81e443fe70914f972143d 191ff36fbd5fedf89963033f4786b6d88ed93f02 d85321049425322b68dfd8d5b89d83eb4a8b8eade4e57310aff1705608c8e632 Loading...

	#80 Eval - a5ead69fa75a835acb064aa1179cb815	135 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash a5ead69fa75a835acb064aa1179cb815 f4196c8b01fc84087d2d7a265da64b1fbbb381a1 da9490ff178cb4334561dc2ec2dc1367225466451910cb86679dcfcd94f7d809 Loading...

	#81 Eval - 2eb4e0d2a71b19b7e47378c99d4f2ee5	100 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 2eb4e0d2a71b19b7e47378c99d4f2ee5 d1b3d733ff092eb0c04aad9ff4614d5ab383e8af 763d575e264d2660d81f83b9dbe3e8ffd4bd1cff0188c3423e463e4a363894a3 Loading...

	#82 Eval - a30d1d799512fc28422db8254cc8770f	255 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash a30d1d799512fc28422db8254cc8770f b853b278714f58ce4679a7e499a16ab6e7fd62f4 f23e4906d713af5e88afece71e0ce578fed9487481fc6ce2f70e7334bb5f6aa6 Loading...

	#83 Eval - eb547e1979a4a68b69a2c0a0849c848e	328 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash eb547e1979a4a68b69a2c0a0849c848e befd1037eb6c5190a651500f446bce646f52d63f c13d2eb98101c4a0e1523a144784e65d74da9405590ac5a9c98d26297f36abca Loading...

	#84 Eval - 1f941eafc9c151387b7839eda9c6dcc7	212 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 1f941eafc9c151387b7839eda9c6dcc7 02609c1957ba16cdc6db60c43600dda7cac01b82 38617756983621fd8159e51b9ba392f885a4805a25039f597648cc19dacca257 Loading...

	#85 Eval - b9ece18c950afbfa6b0fdbfa4ff731d3	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 13:12:51 Times Seen9279 Hash b9ece18c950afbfa6b0fdbfa4ff731d3 c2c53d66948214258a26ca9ca845d7ac0c17f8e7 e632b7095b0bf32c260fa4c539e9fd7b852d0de454e9be26f24d0d6f91d069d3 Loading...

	#86 Eval - 56eed2048d4b6d6496abd68715a0cb24	76 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 56eed2048d4b6d6496abd68715a0cb24 006f4a8b0176fe83aa50dbc2fa77a7f21bf0443d 1eb672e6e101a793c82797ef568253a24b93482292fc6c519f5f8430e3144915 Loading...

	#87 Eval - c9a0338b248a88dd1b4c8968614fa26e	415 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash c9a0338b248a88dd1b4c8968614fa26e 609d8ad19c40f33ca3ed64ad853a19e35864ec45 01cb992b815abc6aeadd7500c31179e25cc6ee3e4c289edd6e6f4b318fdb363d Loading...

	#88 Eval - a362de1b3758d0e1618a318ba034920e	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash a362de1b3758d0e1618a318ba034920e 7f48357a82ca36dbfbab1e8d7841c85a9582b86c afb3cd1a04124893a1a9e64cdc3591761a7bdeafb759f6f2bd85e082292afdde Loading...

	#89 Eval - 11a35b973649177d432e86de97b70c45	59 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:13 Times Seen1 Hash 11a35b973649177d432e86de97b70c45 6676b7ebdd5154d24b9abebcdb77f9b93e594fa3 cde959370a71912d80b29e81e6e79a1317a17fe7664a15d9430c0e74ee697017 Loading...

	#90 Eval - dfcf28d0734569a6a693bc8194de62bf	1 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-23 19:41:22 Times Seen8420 Hash dfcf28d0734569a6a693bc8194de62bf a36a6718f54524d846894fb04b5b885b4e43e63b 333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3 Loading...

	#91 Eval - 626a147558b612b9636706158d266642	78 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 626a147558b612b9636706158d266642 2113eca7ba8b39766e1fbc6389fb190db2ad7c79 c12e3c737c59fc61203a4c566624ae61085b0c71490cc6e800d552a876402473 Loading...

	#92 Eval - 1f1d6da9808f6906366e1a8f0aecb02e	154 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 1f1d6da9808f6906366e1a8f0aecb02e 17c704ec2388352df7e14c2755c3030c51217d68 1576dfbbae2c10213683672ff8f9beea79f92fd22a28f065598da173890fb1d3 Loading...

	#93 Eval - 42a26b968d176776c61e0093cba9d314	2 B	2023-03-08	2024-03-05
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-03-05 23:41:49 Times Seen813 Hash 42a26b968d176776c61e0093cba9d314 08254b82e0c1bab21cbac04266ec05fa42c01ffb dc248255056595845ee176a9458e3b1626bd7840cfb94cd4913beebfb7932bf7 Loading...

	#94 Eval - bd4496eb0285aba06273987971f6063a	35 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 11:56:24 Times Seen38620 Hash bd4496eb0285aba06273987971f6063a 8c7d085c9d54b41debd437430b6852de7f898857 f2a353ed5469812b863c5fbeb58b4d46b864ba4e20a49f57f9c44c7cda45f46b Loading...

	#95 Eval - 6ec66e124fb93c190e9207b0b82f542a	2 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 12:23:19 Last Seen2024-02-13 07:52:21 Times Seen376 Hash 6ec66e124fb93c190e9207b0b82f542a 5efb4ac2212f109ebc889dc2a735f791dfc4119a 3d9fc4bde7ceef058d65b00186e79c1f14b42687b491644c303065135b644e18 Loading...

	#96 Eval - 16ff8082e28339416baa7519a2f61dfc	71 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 16ff8082e28339416baa7519a2f61dfc 702a6f47e4528cdcacbacd4c04fb76a15238944e ff77b8969117b61fb6480bac6ef142fe015f7b53adc1fefb59a2b39ec7e5f506 Loading...

	#97 Eval - 0d80d99d7f209071a284c9ab6d14accf	83 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 13:12:51 Times Seen53492 Hash 0d80d99d7f209071a284c9ab6d14accf c91e7389c28a7b35eeb114484808a20cddb8c20e 0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a Loading...

	#98 Eval - 051e3b55117dd4e81a4ae19860a2cd26	2 B	2023-03-08	2023-11-04
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-11-04 03:32:07 Times Seen6 Hash 051e3b55117dd4e81a4ae19860a2cd26 96c2b633735be0ea89a5301e61957b0c1376c398 63a41c9d13a510122872993da51cdde1c69ee628fef540d83e8d9d8e61a74bd0 Loading...

	#99 Eval - 3c16b94e5b9ab2dc3358ef2d4751f5a5	66 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 3c16b94e5b9ab2dc3358ef2d4751f5a5 c83a73bc8d81c32d8bcb0ddbdea7bd41b253ba26 7005a1013362553efe87492ff5cf2a7bc856ac1677e4258e071565658a8d4dba Loading...

	#100 Eval - abe295e74fbc82f9450d6537bcfebbed	2 B	2023-03-07	2023-06-28
Pretty Observations First Seen2023-03-07 22:48:07 Last Seen2023-06-28 08:56:20 Times Seen151 Hash abe295e74fbc82f9450d6537bcfebbed 6f31beb67567c94a02c382a3172cd288883189ba c1581457554816bb9acd0212f6be8a7466be96f75846634bd5621ede5d7deed5 Loading...

	#101 Eval - 481a8b720121e14b5142b36a310f4b0c	75 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 481a8b720121e14b5142b36a310f4b0c ebba326a0def6e6ffa85bf0aae09129c3a142c8e 02455c6dd393a294106a782e1901c0aea2ca3a8446f29151b026e0483987f8f9 Loading...

	#102 Eval - 0c5678c66e7742cdfeaa325bf2a2bdf7	79 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 0c5678c66e7742cdfeaa325bf2a2bdf7 b05ad47c0357e98301782557d2f99825eebcca52 d1f3a2dad0444b5121433939d93e88dd5f706c4864bd3a6182627e8189fc36ed Loading...

	#103 Eval - 923db922542fbe09e7ff87bb31b2f310	2 B	2023-03-08	2024-04-15
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-04-15 15:27:28 Times Seen916 Hash 923db922542fbe09e7ff87bb31b2f310 aaeeecafb1a594ca179abb5eeb0eeb326b85a2a7 96d5c2e9349201e3a6adc06614678133de408b0314fe9742b9c2fb30db31add6 Loading...

	#104 Eval - aa78371dd3139f1b78decc1153481029	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash aa78371dd3139f1b78decc1153481029 aa9a8e6c307f73143d69e53259fe53ea6ca2dcc4 117ebefcff04346cb5bbe262f10939ada9ad84af8dd3420270732059a36bf130 Loading...

	#105 Eval - 987055457d7b10ee3d3ee0ab63189dff	118 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash 987055457d7b10ee3d3ee0ab63189dff 6ba8405d9a832f5b7e1a6c9d2b081603caf7f6e8 d722fade6bf951931c7376b1ea55ad2b4fffd0c2459e97f23e71c3ef055260d4 Loading...

	#106 Eval - ddee7da61cdd8e3aefea63782149c136	561 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2023-03-12 18:56:14 Times Seen1 Hash ddee7da61cdd8e3aefea63782149c136 dccdc7303a9b651c63912b8eae41ed9ba2b087b8 b6ab5ad75b0d849f2e5e3c8477efe5326c77da37bb3117b333d0efd840d60736 Loading...

	#107 Eval - 79ff3bb5540254b87b088afb74c772a1	2 B	2023-03-08	2024-04-21
Pretty Observations First Seen2023-03-08 21:58:54 Last Seen2024-04-21 08:50:27 Times Seen117 Hash 79ff3bb5540254b87b088afb74c772a1 f569c03276f60311f8a8fcab755fc6ea420da689 6171614c470b797aa286ccc4014a39dbe1baa04311f8e1729ea0b030b157f459 Loading...

		Size	First Seen	Last Seen
	#1 Write - 55fdf107f6e6cf2f7eeb518f55711015	457 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 55fdf107f6e6cf2f7eeb518f55711015 4d7f2fd66baf1dd2a3388fc4eadbd377a13b8458 fb638e6cba2db1307957e1856a4fbefcf85c55ad71a5f198ab000cf8451f73a0 Loading...

	#2 Write - 50866b0051a9ec5bb543cd5a11fd7210	2.8 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 50866b0051a9ec5bb543cd5a11fd7210 8302ae86592c9f1f2461564b25946bcf6d26adab f20c0a1ae318c56b20f25cdf2f25e8e440ec80326db6f7ea28f231ddb84c162c Loading...

	#3 Write - 658741a3f58e270de8be821b422329ff	1.3 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 658741a3f58e270de8be821b422329ff d62728bb1d369ba6d1e42c9916b8046fc1a74432 383a700a83a0df388cbc0cf2fa3c5ed5ac15643e54b2dd610abfb576609707a9 Loading...

	#4 Write - be3ad5099845b0719d5837f4b6ab6036	270 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:48:24 Last Seen2023-03-14 16:38:08 Times Seen1 Hash be3ad5099845b0719d5837f4b6ab6036 542a6ae75f9d3bbd6f795d5b1d36ead148c5a902 29c849da95084afa0a0b7d1adc1e3ec868ba23651e87fbae07f9ec9f760b46c5 Loading...

	#5 Write - 677f915ddcd96978635bad81d993a68f	208 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:48:24 Last Seen2023-03-14 16:38:08 Times Seen1 Hash 677f915ddcd96978635bad81d993a68f 01efaeb2bfd8259d0ac86a5ef526d646057dde7c 241f4c5f9fcd6b6a1375c85c10fc6b5ab962ccb6d62f49750dd26438a6edd674 Loading...

	#6 Write - 0490d7d76bfcea3ffe8bc7d4fbe4eee7	2.2 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 0490d7d76bfcea3ffe8bc7d4fbe4eee7 3b9d454c9f6e8e38249ffdd0daa04d5bf3274e34 5d9b5fb960f2fe37ef062cc8b9c4fb53f7d48d254cb4e7504b6ff3ed20c262e7 Loading...

	#7 Write - f315f5f2c187a05af1ace62d5f6aa477	54 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-25 10:27:34 Times Seen3837 Hash f315f5f2c187a05af1ace62d5f6aa477 47d77a2a1665cb6202028ecd89b50920287d9148 166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da Loading...

	#8 Write - fbfd082edfb14a1c895428ba62ed313a	457 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash fbfd082edfb14a1c895428ba62ed313a 00100f182d6a871e6982c23f4859e464c23d6b55 24092c7f1a585e8b26dfe5b3f4bac6d9b35d6cef1aa6fe62673be893b137ae13 Loading...

	#9 Write - ae1a0242acc880418b95a48cbf3ef7ee	457 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash ae1a0242acc880418b95a48cbf3ef7ee 0bf4eeb57c47ea271fa1ef34b6a086b3384f32a6 fc2bf705cd5c334db759396ffa9cb4f018577fcca4536e72c0814662e245f9e1 Loading...

	#10 Write - c77f4c303f853de5410fc374f4afc57d	457 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash c77f4c303f853de5410fc374f4afc57d 5a352c9cc17115ef1488472cf6af97457544cd87 93c6c9060ecf662103784073707b315291d98125d8bf47840eee2363ab64f267 Loading...

	#11 Write - 41aac00f379b8c3d9b168d80ad6cf32f	1.3 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 41aac00f379b8c3d9b168d80ad6cf32f 30cbc58e38d5abac450f3ad7206b0cac5f49c900 1d0e08a64b6fc055d4489ee7e5fa336a4be0f90e47fa56de9652237a15635b2a Loading...

	#12 Write - cc62c8465eabf6d158ef6f80e86b9ed0	370 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 04:31:06 Last Seen2023-03-26 09:48:44 Times Seen2 Hash cc62c8465eabf6d158ef6f80e86b9ed0 9acd76d58db83e24c5608823bae175669739b3fc a8a73ddee6aef53ad97519547f0d2924a0a4ff90ffc24c5aa0f72a37829ad990 Loading...

	#13 Write - 046b32abdcbaf73d706b0c5f2b4b335c	2.2 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:12:59 Last Seen2023-03-08 23:12:59 Times Seen1 Hash 046b32abdcbaf73d706b0c5f2b4b335c 1f53fab6d0432030e347410da7e7af40d1e39ae8 e05af825398a711076a3b81c292f86d81e907bc9e7974936edaf4018a7e28eb0 Loading...

HTTP Transactions (267)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10583
Expires: Fri, 09 Dec 2022 05:33:25 GMT
Date: Fri, 09 Dec 2022 02:37:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12312
Expires: Fri, 09 Dec 2022 06:02:14 GMT
Date: Fri, 09 Dec 2022 02:37:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9666
Expires: Fri, 09 Dec 2022 05:18:08 GMT
Date: Fri, 09 Dec 2022 02:37:02 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 02:08:16 GMT
content-type: application/json
age: 1726
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: NxZA9Rp3HflhZQS6r98zZIDapIfo3/dDJYzrC12aI5h7JdAoohezwwFbzbBcNaurrqMXZDvrKcM=
x-amz-request-id: MS7QRSQT4RTV08KS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 01:48:08 GMT
age: 2934
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 02:07:55 GMT
age: 1747
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1a7935e8bdd2c2b1bbc3e3221425339b
a62270fc483c408064882e7d7cafcc7162aa73be
e24cd496af4ecb84ec8a1e9bc575c514615a0d81351839a3ed8f9166b2e30d85

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E24CD496AF4ECB84EC8A1E9BC575C514615A0D81351839A3ED8F9166B2E30D85"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8434
Expires: Fri, 09 Dec 2022 04:57:36 GMT
Date: Fri, 09 Dec 2022 02:37:02 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5659
Cache-Control: max-age=115448
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:02 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:41:10 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.77.40

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.77.40:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +BCxkm/8dAveWgYFIG314g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7G0IqhJ9MgNoXOTtOiiV/MS5SAI=

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b7c3f8d673fab011e127106a1f600e6
5135e44e1ebc965efdac37542d93ade2e7590fb1
9e4b1299127dc1d3f3ac05c557d991df586812d3ed2c18ea265b32978c3f462d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E4B1299127DC1D3F3AC05C557D991DF586812D3ED2C18EA265B32978C3F462D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Fri, 09 Dec 2022 03:17:34 GMT
Date: Fri, 09 Dec 2022 02:37:03 GMT
Connection: keep-alive

ad.sitemaji.com/ysm_reurl.js

35.186.215.140

200 OK

5.9 kB

URL HTTP/2
ad.sitemaji.com/ysm_reurl.js
IP
35.186.215.140:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (17511), with no line terminators
Size
5.9 kB (5880 bytes)
Hash
779efdbd5582d597c74bc312123d3583
45140afb1e0536578577db2f890ba0f061644742
e03139efccb95e61153de5280e3ce8a11147dc6be20657c906e76eca0278d9c1

HTTP Headers

GET /ysm_reurl.js HTTP/1.1
Host: ad.sitemaji.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.12.1 (Ubuntu)
vary: Accept-Encoding,Accept-Encoding
content-encoding: br
via: 1.1 google
content-length: 5880
date: Thu, 08 Dec 2022 08:49:00 GMT
expires: Fri, 09 Dec 2022 08:49:00 GMT
cache-control: max-age=86400,public
age: 64083
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
etag: W/"5d0b4850-4488"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

151.101.193.229

200 OK

23 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65324)
Size
23 kB (23235 bytes)
Hash
5f830a7943bb09d9f6832866f38f12bc
35ed4aca72bd95f7730260858ca62bd76ca8e40a
cbf083212e165469984201c0e0bc3420de20a1857646858c947a53dfc2e2f383

HTTP Headers

GET /npm/bootstrap@4.3.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.3.1
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 02:37:03 GMT
age: 7519605
x-served-by: cache-fra19141-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23235
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

151.101.193.229

200 OK

32 kB

URL HTTP/2
cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65449)
Size
32 kB (31634 bytes)
Hash
a262d6de4f7f5f79c31cef7787a35a8c
6a16edde3116cad866736e9fc20443edceaa1cba
92dcfacfb59287c2f9de9c69f78ae96bb3bd8a8c5a20b4e577db40bdc8fe06c1

HTTP Headers

GET /npm/vue@2.5.16/dist/vue.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.5.16
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 02:37:03 GMT
age: 4219609
x-served-by: cache-fra-eddf8230099-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31634
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b7c3f8d673fab011e127106a1f600e6
5135e44e1ebc965efdac37542d93ade2e7590fb1
9e4b1299127dc1d3f3ac05c557d991df586812d3ed2c18ea265b32978c3f462d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E4B1299127DC1D3F3AC05C557D991DF586812D3ED2C18EA265B32978C3F462D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Fri, 09 Dec 2022 03:17:34 GMT
Date: Fri, 09 Dec 2022 02:37:03 GMT
Connection: keep-alive

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

151.101.66.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1462 bytes)
Hash
299d45ebdf8b6c3ba6d709f106916c02
95b21c19086ebc1f11289d799ce27d2addeb0f80
5e96a8de02b8b90ca82510064cd8ddb6cceca853af2ced52aee1008953531fe6

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "6C69385DBF5C97B18404E675A5B2B5BDC59069C5"
Expires: Fri, 09 Dec 2022 13:00:00 UTC
Last-Modified: Fri, 09 Dec 2022 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Fri, 09 Dec 2022 02:37:03 GMT
Via: 1.1 varnish
Age: 2398
X-Served-By: cache-bma1681-BMA
X-Cache: HIT
X-Cache-Hits: 6
X-Timer: S1670553423.111495,VS0,VE0

www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

142.250.74.168

200 OK

79 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (26337)
Size
79 kB (78997 bytes)
Hash
47d94c4274c56b2ad1547ad149c7e8d8
5983aa2acf516b4abb22abe871269a2dfa6369d1
5f34309759a259c9f033efdd5a7edb48ce4636ac902437a47976907b163979ec

HTTP Headers

GET /gtag/js?id=G-N394QBRGC0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 02:37:03 GMT
expires: Fri, 09 Dec 2022 02:37:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
0ca1f38a21373582ef332ceccda90d9e
4a511ab930643118edf1a2745b640bb1c8e3a6ed
e9f4bb1089566fb8b10bf6e6729f78dcda3416ddeda8c365d2737a3b1d1af3ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 02:37:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 21:05:47 GMT
Expires: Fri, 09 Dec 2022 21:05:47 GMT
ETag: "4a511ab930643118edf1a2745b640bb1c8e3a6ed"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

cdn.holmesmind.com/js/init.js

54.230.111.38

200 OK

6.6 kB

URL HTTP/2
cdn.holmesmind.com/js/init.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4994), with CRLF line terminators
Size
6.6 kB (6552 bytes)
Hash
439e160b698f1ec2efb45c3b6cd6b265
7beee754ce93e58b7f321ff7b8b85c2ffda42a64
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

HTTP Headers

GET /js/init.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 6552
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:03 GMT
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OS_lfgOMbUfEoQb3FjJYSJg_EQEZAXAqGbkB5mkthDoCG233c79s4w==
age: 2
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/capmapping.htm

54.230.111.38

200 OK

4.7 kB

URL HTTP/2
cdn.holmesmind.com/js/capmapping.htm
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (437), with CRLF line terminators
Size
4.7 kB (4730 bytes)
Hash
c36f5eb091d6195fe8b68f3b263f999b
43c4760cb0bb957ffed4fb754c4eaaa247b734c5
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

HTTP Headers

GET /js/capmapping.htm HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 4730
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:03 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _z8VhlOAUS__CCVr9Q7ikKCo35uxHztv53V8-JSJ_V99hZiYWhYO5g==
age: 4
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3368
Cache-Control: max-age=139451
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:03 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:21:14 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

cdn.holmesmind.com/js/edmp_init.js

54.230.111.38

200 OK

662 B

URL HTTP/2
cdn.holmesmind.com/js/edmp_init.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (662), with no line terminators
Size
662 B (662 bytes)
Hash
f58f8a90686f8ffb3325107e8a788b71
d85d37486b87503e0631ff0ee83d95316783cf09
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

HTTP Headers

GET /js/edmp_init.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 662
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:03 GMT
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FuHJ7oxe0YS1fkIZfMGvAxBwHYwMaH3QxWYWlS2_xhJVDgLUS3Tr2Q==
age: 51
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/presetfn.js

54.230.111.38

200 OK

9.7 kB

URL HTTP/2
cdn.holmesmind.com/js/presetfn.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with CRLF line terminators
Size
9.7 kB (9734 bytes)
Hash
f4ecb431f211c53bc51427e18143e0c6
acbb444f864e8754e5a180a5914427b7f73eefd5
3045f705805167d3706eb0054924d90ccb21adefdca4bcbdf5038bb0f1b7ae82

HTTP Headers

GET /js/presetfn.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 9734
last-modified: Tue, 06 Dec 2022 02:57:32 GMT
x-amz-version-id: HJNF7r9of2_sOm9z1QjDORpVt24wOljW
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:03 GMT
etag: "f4ecb431f211c53bc51427e18143e0c6"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QWiXln32ck4xYzqGnHmp1q3IpegNm6yIu6gWiyTfy3_O22NJSX8sxg==
age: 59
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/WnnVaKpG-Cc

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/WnnVaKpG-Cc
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d90440377b9bad230e2b379b1f59a546
d99a7c57d1bc02562287ed685a9f3e42e58be95c
fb8fcb5f38c666e8eb308efaf9725abee2976ea586343fe437c5718ef3ef9faf

HTTP Headers

POST /s/gts1d4/WnnVaKpG-Cc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3368
Cache-Control: max-age=139451
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:03 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:21:14 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/jfhkzk0jci3.css?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

5.0 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/jfhkzk0jci3.css?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4431)
Size
5.0 kB (5015 bytes)
Hash
0d5c092c6b11d59ef4cca6da9c288e67
1e1109590bec09b0c84b31dead5d04a221630143
dd829a562de3cff3683e66e7c4323cba6bf39bac959088788d354d6b087d5aca

HTTP Headers

GET /rsrc.php/v3/y1/l/0,cross/jfhkzk0jci3.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Dec 2023 16:03:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DVwJLGsR1Z70zKbanCiOZw==
x-fb-debug: 389s1Q0jV1kfVfp+5ofqe1p4Wboooon02N+xLT1dkxN6QhxcXNJlg6PjCudlkmYdmD7peEKeKG3VgQUqHmP9sg==
priority: u=3,i
content-length: 5015
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

1.8 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1984)
Size
1.8 kB (1847 bytes)
Hash
3eec5e9a11ba7da3a0f8cd0af8b4bdcb
462922ace2e24121fb02f42966abb8004b24c98c
92e829ebf854a5a759b0f718ea0f31b4870e1dbbd7f09e8c2e1cac0b21e6d69c

HTTP Headers

GET /rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 16:10:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PuxemhG6faOg+M0K+LS9yw==
x-fb-debug: TcjEsQTRTFYDX8vKzAd2DsyQtOWOyApwB7jIMVirGVV2qvg8raSDpsv52sRJEeO20ZyQv6gYKOuOrwYoCFbkcA==
content-length: 1847
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/rtbhouseV2.js

54.230.111.38

200 OK

2.8 kB

URL HTTP/2
cdn.holmesmind.com/js/rtbhouseV2.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
2.8 kB (2773 bytes)
Hash
6a605eea47197fa280f27aaf1fa1521d
98323891b349b333d5aef521c4d33e1b8455e4fb
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

HTTP Headers

GET /js/rtbhouseV2.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2773
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:03 GMT
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0VzB22HXu4CfyGd5PFny9FwjyPXeMP5ufylU_fqUMudxFRzw0DHTUQ==
age: 55
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6b8313f9e33695225653527e2d423cd7
f93d3c7e748b85edc6f0209e73813f13e5bf2070
9fbcb6376f48faf9fab6fada8876197456bb8c5c1c0b5c34b25dcfe323e18354

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:03 GMT
Last-Modified: Fri, 09 Dec 2022 01:39:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

293 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (327)
Size
293 B (293 bytes)
Hash
2f913d812811ef7e6fca30334c5972e2
d17caaa167443dc08696c672380f237e0db3fb02
ee8918a2f5d163099104b70f79065abc8fd309e69add57170546f2706956eef8

HTTP Headers

GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 25 Nov 2023 05:06:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L5E9gSgR735vyjAzTFly4g==
x-fb-debug: UNKDg3pOtoZiLNC9ZFdPEC0IzcyYd4pN9+ozvo95ytG4xEKwG4njnmILj6IxSuOs16T8qV80Tosyqodep0u7Og==
content-length: 293
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/criteoV2.js

54.230.111.38

200 OK

2.4 kB

URL HTTP/2
cdn.holmesmind.com/js/criteoV2.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
2.4 kB (2443 bytes)
Hash
e8f33fcb581483ced4a09b3c8e7550e4
278fdeb6bf2871b7a3a3ca9becef10582e8e87e0
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

HTTP Headers

GET /js/criteoV2.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2443
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:03 GMT
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vnwiNO7PzaN6V02bXv2dExyj69X_rXyw3FbURCwSQB59eI-1mvCCmQ==
age: 55
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/appier_mainV3.js

54.230.111.38

200 OK

6.7 kB

URL HTTP/2
cdn.holmesmind.com/js/appier_mainV3.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
6.7 kB (6650 bytes)
Hash
dfd6bf39aeff48b2d3414a18a5a4d36e
1507814cdb7f990254873371a6fe7d3734c00d03
7d1b32ac68941e60bacfe0ab1c5eab749868a0278495eaf50a17da2c95b8f3e1

HTTP Headers

GET /js/appier_mainV3.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 6650
last-modified: Mon, 05 Dec 2022 08:02:01 GMT
x-amz-version-id: OsKd1EEmixEwNImqE_Ez2qHyKZ95G9Ob
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:03 GMT
etag: "dfd6bf39aeff48b2d3414a18a5a4d36e"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X1-Sv6wvT9YbYp6vAAB5Vg3qAahp7QxaUqBdl6IBk_v_jbGOl-Et8A==
age: 19
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yW/r/vw4xTPlv-KJ.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

8.9 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/vw4xTPlv-KJ.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (9898)
Size
8.9 kB (8890 bytes)
Hash
212c06499e4e3b0b2b6953086efeb1a6
f701bb8922107165411047e2a7e2b0f3fffedeb7
c28d18da71e8e044eb809bea1981e78147ffa87c81cf4fd4df860ef7bd3509ed

HTTP Headers

GET /rsrc.php/v3/yW/r/vw4xTPlv-KJ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Dec 2023 20:58:53 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ISwGSZ5OOwsraVMIbv6xpg==
x-fb-debug: H59hBFCLYPIo+58BEjJYGxrI+TiFi/OsTEwngA2cbt0KCDC6auO8HHG9qjPZgHV8+W9pGBjMVCqEmYqvOLz/ew==
priority: u=3,i
content-length: 8890
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
0ca1f38a21373582ef332ceccda90d9e
4a511ab930643118edf1a2745b640bb1c8e3a6ed
e9f4bb1089566fb8b10bf6e6729f78dcda3416ddeda8c365d2737a3b1d1af3ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 02:37:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 21:05:47 GMT
Expires: Fri, 09 Dec 2022 21:05:47 GMT
ETag: "4a511ab930643118edf1a2745b640bb1c8e3a6ed"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

reurl.cc/stylesheets/rwd/style.css?v=1

35.185.130.121

200 OK

36 kB

URL HTTP/2
reurl.cc/stylesheets/rwd/style.css?v=1
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
data
Size
36 kB (35835 bytes)
Hash
38ec95425ad38cb13820e9fb4c217a8b
8ffbe6c26cc6685dfc4e705f8b3bd9a52a30420d
0308394a4f167e54a6871553cd55fd91048047d13aaf6c039270bb51f09899c3

HTTP Headers

GET /stylesheets/rwd/style.css?v=1 HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/gvjOLp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 09 Dec 2022 02:37:03 GMT
content-type: text/css
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-9f6"
expires: Sat, 09 Dec 2023 02:37:03 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

16 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
C source, ASCII text, with very long lines (8741)
Size
16 kB (16232 bytes)
Hash
c92ef94e30a2dd9473fd9fe533472b73
97049e47de026939c75a885df9e8bb0fb56515ba
f2981c7109e60cf9f5a9e846a25800dbec20a923db028f310b6feb79415650bb

HTTP Headers

GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 27 Nov 2023 08:32:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
x-fb-debug: eSAmd7x/l92kA0x6IBdJYoQ+aZXS4LsWAIfW4J2A3AuJ53OurDl4WC76ijZh5boQoF4lREdup5onQfgYFtonKg==
priority: u=3,i
content-length: 16232
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

7.2 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4057)
Size
7.2 kB (7199 bytes)
Hash
7cb89797cea2a84b948dfae53d0c90d4
312bdda4ae1efe3ab71fb0aec473ddc725627f5b
9093dc3e084b6a216b34c7a603eae5a93f793dc5b0a606ccb0da051d5aa12cd4

HTTP Headers

GET /rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Dec 2023 20:58:53 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: fLiXl86iqEuUjfrlPQyQ1A==
x-fb-debug: vR7WRHHjTTLk9l2Tdy2r4cjqy7+NJ8qMEVkpEeF7/VD7Q/CgqZLuWqU9uop9eTDc5yRY7zJkdezD5uwYqUjUQA==
priority: u=3,i
content-length: 7199
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.paypalobjects.com/webstatic/icon/favicon.ico

151.101.66.133

200 OK

1.4 kB

URL HTTP/2
www.paypalobjects.com/webstatic/icon/favicon.ico
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Size
1.4 kB (1431 bytes)
Hash
455deaddcb9436734b2144429ae53ff7
e173c07062d5ea7d98da48a8973d7dd24969fe61
5c958cea39018dd9f80738db7d3a8c2f28a0d539e5d481b296daafea829897f2

HTTP Headers

GET /webstatic/icon/favicon.ico HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: image/x-icon
etag: W/"5362bc15-1536"
last-modified: Thu, 01 May 2014 21:26:45 GMT
paypal-debug-id: 9b70ceb10a1fc
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 02:37:03 GMT
x-served-by: cache-sjc10064-SJC, cache-bma1672-BMA
x-cache: HIT, HIT
x-cache-hits: 1428, 3011
x-timer: S1670553424.787412,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 1431
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3iEpO4/yD/l/en_US/BeoRHyqk60y.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

23 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yD/l/en_US/BeoRHyqk60y.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (41964)
Size
23 kB (23340 bytes)
Hash
71d3ec75d3a005a13f282f0d2762b970
a37e118cbf0b28475ea447d0146fefa53e7f04e3
c6836af642ee8e9b7b193fde8f9308ab015253ac212a40510b4f4ac6c736109e

HTTP Headers

GET /rsrc.php/v3iEpO4/yD/l/en_US/BeoRHyqk60y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Dec 2023 23:04:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cdPsddOgBaE/KC8NJ2K5cA==
x-fb-debug: kwJ/ASd+CqYyOX6Z/p2z5q9DSxaC98AT4Bsb7q0v6V/R6LebXICoEL5XMrpqV0sAYJeGu8wY8exqd5h0LQUkZQ==
content-length: 23340
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

232 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text
Size
232 B (232 bytes)
Hash
9e9f7c79f2773bb18cf6ce4cdfa368ef
670d1cdcbdea9485d6a19b67e12f247a19cab3ec
bf3e32d807092fa60d6a1cecb6b4d80ce20f1ce7b715a34707184bd31016e189

HTTP Headers

GET /rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: np98efJ3O7GM9s5M36No7w==
expires: Sat, 02 Dec 2023 18:24:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: KM1aYgE7oApF3gVWjVL+R4Iv0HUVXEMikjF9k6+UNIdgUVz0TLCYiQ/TJ9Orat83r0RzqJLW1I7soUaIwcujHQ==
priority: u=3,i
content-length: 232
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3i59j4/y5/l/en_US/_gtNKENNpoU.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

43 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3i59j4/y5/l/en_US/_gtNKENNpoU.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (10798)
Size
43 kB (42688 bytes)
Hash
acf9c6eac6ceca5ba3a81841f8d1e626
84e3612ccb1de82ab62e33f4d3a53a6ed6981924
30ca0cc895318116cd8fbab9313c6227d0c2846fb996cb8cc63bc6cfaae2b4af

HTTP Headers

GET /rsrc.php/v3i59j4/y5/l/en_US/_gtNKENNpoU.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 29 Nov 2023 18:30:32 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: rPnG6sbOylujqBhB+NHmJg==
x-fb-debug: cAwwZmRTWhu47la9kmsYv1PgYkvRC54IgAuURL1+0/72CNhai8W2pJVDQmgSPz1VBlSH3LyonyMpB1XdgxL0TQ==
content-length: 42688
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yf/r/bByMZq44y2U.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

647 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yf/r/bByMZq44y2U.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (704)
Size
647 B (647 bytes)
Hash
5b69f25e07653cf3fe7e3c2f27018cbe
1dc660322bfc7389ac985495e6b722fb0e249646
aaaacf832fc17811f9e05c06a4b7b0cf42fb902231772d3142f59c1c210adbdb

HTTP Headers

GET /rsrc.php/v3/yf/r/bByMZq44y2U.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Dec 2023 15:51:43 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: W2nyXgdlPPP+fjwvJwGMvg==
x-fb-debug: 0TDiTUSZuyFeJaDxpyvRhUDzKAouKBscwIeJi64uNinS7AjTp/FApr2N4TpmqXLv3G33onCH0bJevOn9s003kQ==
priority: u=3,i
content-length: 647
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.221.16

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: +LPXt+5fm5s7V3CQq0Xnne/HV20lDPvuBJlGdCh7BzNBGibzLspEo4gyr/+tBlb6/HA6wNTifZFr/8yU576kkw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

830 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (724)
Size
830 B (830 bytes)
Hash
d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d

HTTP Headers

GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 16:46:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: laSioG4RYPLo0KE2cuMVLYVJ8dt4zfxDd86TybTbDIRS4lVwxGAfkAed+W883QQBkc5CI6AawlcC8avE9t2izA==
content-length: 830
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/7zY2CRG7XJ_.css?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

3.3 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/7zY2CRG7XJ_.css?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4200)
Size
3.3 kB (3255 bytes)
Hash
b5caaf6332d298cc7e098a074ed4ae73
ad3f41b2265c33b596da9dbcb9aa539464651c79
04e8f43d84e0400ca93cd84b5e7402c5f3164bc1a21a6953703eb8ba34958c74

HTTP Headers

GET /rsrc.php/v3/yx/l/0,cross/7zY2CRG7XJ_.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:43:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: tcqvYzLSmMx+CYoHTtSucw==
x-fb-debug: uUVmYliYC9cfJfRkflfELQbn7MSTGpGSPa5V/EOUc6zBD27AMo4ApZfKxOgUCOGgSEUUHwSfXn0XK71vRk62aw==
priority: u=3,i
content-length: 3255
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/y-/r/oOEvy0vWOy0.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

5.7 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/oOEvy0vWOy0.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4488)
Size
5.7 kB (5712 bytes)
Hash
41a0e9c4f0a6e32bf32aa95fd4108197
e1ec46613a050d9e5545233e0144fae023a1e6a2
974d57ed297fdc198a6c422c0ebd6884b76f9586fde36fba453e69cd538e992f

HTTP Headers

GET /rsrc.php/v3/y-/r/oOEvy0vWOy0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Dec 2023 15:45:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QaDpxPCm4yvzKqlf1BCBlw==
x-fb-debug: ki1YUTZ0sKjCu8QGX8lxoCPFiMGjhcwdomGGJG7ADd4kPqZzFV/6VJnMw+A+my+OPZTj3QojTluG7LggIWRETg==
priority: u=3,i
content-length: 5712
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

5.0 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
C source, ASCII text, with very long lines (10494)
Size
5.0 kB (4980 bytes)
Hash
8d2072d6624b51be56303ac9b3ff2e32
dcdfacb3375e65e9e8fb2e6888820b9a777b6e61
24aee0833249ea9efc50731ab81924cea2a1f6798698b7f2e294067bbdc3a0a3

HTTP Headers

GET /rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 16:16:23 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: jSBy1mJLUb5WMDrJs/8uMg==
x-fb-debug: BqzfIE5Vse6OtQu13/PK63ViEdqShW4aJUmlpVYC1aeC+MJILZiCx44YBf8EeduMIxFkzNA3KuIEPnZI7WxRbA==
priority: u=3,i
content-length: 4980
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yF/r/oJm7DIspwU3.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

7.8 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/oJm7DIspwU3.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4643)
Size
7.8 kB (7778 bytes)
Hash
f462569d14f6001bd4f1c6816b28c69c
13720aa278a61d24a321f3ba82f00a8146a7efbc
6f81aea1eb8b4d0751abb8bb89bd7f4e308b75b75d5b4a5ef728f5d076c5e27f

HTTP Headers

GET /rsrc.php/v3/yF/r/oJm7DIspwU3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 07 Dec 2023 17:59:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 9GJWnRT2ABvU8caBayjGnA==
x-fb-debug: mpDfnsn/B/O134g5HVS7j33vdrNFt8eVL3oef5oOTQ5vVkO+SFKJeIbsQddiHsoYH79VZYxseh5QzeyCpVMH+Q==
content-length: 7778
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

6.4 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (8976)
Size
6.4 kB (6445 bytes)
Hash
f18f13f03eb9d52cf83c0aded64079c1
179fdcc3bd0003cfcce42e26e8660556a6dc7c8d
eb3454aa82bab984d96df0c169a4d2fcc20b98d50f2b96eef42452aa1f139d54

HTTP Headers

GET /rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 15:11:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 8Y8T8D651Sz4PAre1kB5wQ==
x-fb-debug: JdMEXBdkSvP98Yva3F+4xKDjTvIsNQuaq6Oa8qNct5riHMNdkK2e0lo1wHj14MzfmWNMAW+/VCPrkOVMu2NgCA==
priority: u=2
content-length: 6445
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

12 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (5542)
Size
12 kB (12334 bytes)
Hash
1ad15afc034f310427c81b0759603a2b
e5efd1d029dccf5fa8128c84aadb6544a4ab60e0
fedf63f655f9eef24c517c3d6762fb07b142213ba623d4a0b06614fb5d9754bd

HTTP Headers

GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 17:56:48 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
x-fb-debug: b7x+jeNOtVmAEj8UB8L+5Yus9aOwUMT0oWoondBNAkiXVI53tFqPvc5E77uoms2RENAqLERsSm5GqO4Czs+FIg==
priority: u=3,i
content-length: 12334
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.scupio.com/js/config/17253.json?v=1.0.3839

143.204.55.37

200 OK

461 B

URL HTTP/2
img.scupio.com/js/config/17253.json?v=1.0.3839
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (461), with no line terminators
Size
461 B (461 bytes)
Hash
e6d2e6cd158cf424b6d89d96cdc0850a
a4da708d37ab2bbeb362004051efa7ab77ddb6eb
ae7728e6e73d7c4e2357f47184e5cbd3079f0590d52e7293c59bd5c10a98dc2a

HTTP Headers

GET /js/config/17253.json?v=1.0.3839 HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 461
server: nginx/1.12.1
date: Fri, 09 Dec 2022 02:32:21 GMT
last-modified: Fri, 09 Dec 2022 02:20:41 GMT
etag: "63929b79-1cd"
expires: Fri, 09 Dec 2022 05:32:21 GMT
cache-control: max-age=10800
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Kbqsz_YK_9OaNvQ7SFZYgryi13FxCdoqo_S3_jH1d0nTav59BHc7Nw==
age: 281
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

19 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (8606)
Size
19 kB (19088 bytes)
Hash
eab4d9652bb152973a26936fc85f09f5
756a00cb73057d7aebf869b203663a635de8e74a
01cf1611e7f1431f2532cea3c2377f5b56ce369beb6ab0fdf7c0cb22d8a8fa3d

HTTP Headers

GET /rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 29 Nov 2023 09:04:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 6rTZZSuxUpc6JpNvyF8J9Q==
x-fb-debug: oQojTSf5dEVYDsFR7fgzt4ArC3lzrzCPVI3dAGO0KaxrRctPdaRY579oKOo4fqyN9myOOSDG0X31yM6Xqqyedg==
priority: u=3,i
content-length: 19088
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

reurl.cc/javascripts/pixel.js

35.185.130.121

200 OK

7.3 kB

URL HTTP/2
reurl.cc/javascripts/pixel.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
data
Size
7.3 kB (7349 bytes)
Hash
55f14c254858969fb7a13be412bfb10d
7e8eb49079d7f5a89f25f9547a62207d06700c37
30e579021cbab09988951e70e36a3032531f65d69966b40d4e653730f6e21900

HTTP Headers

GET /javascripts/pixel.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/gvjOLp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 09 Dec 2022 02:37:03 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-1ad"
expires: Sat, 09 Dec 2023 02:37:03 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/ye/r/jOndqenRnJo.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

48 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/ye/r/jOndqenRnJo.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
C source, ASCII text, with very long lines (5068)
Size
48 kB (48007 bytes)
Hash
c8897f335c1b9bb5f35b61d43a8b8e29
b777c227f93d2093545b49e23715d715049c195b
665a5b99324d87f1f6441ecdace6cffd0eda5bebe0477ff896693eb4b356eb4f

HTTP Headers

GET /rsrc.php/v3/ye/r/jOndqenRnJo.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 07 Dec 2023 23:01:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yIl/M1wbm7XzW2HUOouOKQ==
x-fb-debug: IOEcOmCqSwco16IlPTHHya3E/7lPuu/lWFNneyn2oEBFWVEXNZkIgjQ2R5Rda5cpjcCQa56Q4X3QZPkP8dnGew==
priority: u=3,i
content-length: 48007
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.scupio.com/js/config/17229.json?v=1.0.3839

143.204.55.37

200 OK

461 B

URL HTTP/2
img.scupio.com/js/config/17229.json?v=1.0.3839
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (461), with no line terminators
Size
461 B (461 bytes)
Hash
e18c124cb509ae5e96978f3a02f61303
648556d01bf3eccd69d3189c691243001932243e
58d372dd1a0a3f79f88bc4e3ec811860d6b223692e3f4115ec571f06639f280d

HTTP Headers

GET /js/config/17229.json?v=1.0.3839 HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 461
server: nginx/1.12.1
date: Fri, 09 Dec 2022 02:32:21 GMT
last-modified: Fri, 09 Dec 2022 02:20:40 GMT
expires: Fri, 09 Dec 2022 05:32:21 GMT
cache-control: max-age=10800
accept-ranges: bytes
etag: "63929b78-1cd"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: A_mvWd62yOrHDF0s3o84nM6Wr_SwJHyUcwVSljlKWmvAhxZvZ0VYSA==
age: 282
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/y2/r/1Uq8e-LKgSD.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

85 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y2/r/1Uq8e-LKgSD.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18622)
Size
85 kB (85066 bytes)
Hash
f6e57a27dda31c2b2023e265cb1535c5
32684012a51bc854810a077eb6a0e65e3053d683
bbbd04dcbcae5be2e305b8f0edb6b0c30c14fd208067d5da60e964c1431ce38d

HTTP Headers

GET /rsrc.php/v3/y2/r/1Uq8e-LKgSD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Dec 2023 21:12:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 9uV6J92jHCsgI+JlyxU1xQ==
x-fb-debug: zAYMi7t+BAXI9/ld4Wu/2DYTWP1Pc8Yky8LNal/852X7Bl64yX1IQOS2tS/16AN8uZDBfYaaDtl1MlpjJOnd+w==
priority: u=3,i
content-length: 85066
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/WnnVaKpG-Cc

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/WnnVaKpG-Cc
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d90440377b9bad230e2b379b1f59a546
d99a7c57d1bc02562287ed685a9f3e42e58be95c
fb8fcb5f38c666e8eb308efaf9725abee2976ea586343fe437c5718ef3ef9faf

HTTP Headers

POST /s/gts1d4/WnnVaKpG-Cc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d96adb682ef39ebb33466026108edf9
88871a7bb3dd6956d63c9b91a9a33870ab4873f2
287f9f6b795e0f0415abf458171d03772bd2c7ceb842816c0dffa4bc04d7a695

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "287F9F6B795E0F0415ABF458171D03772BD2C7CEB842816C0DFFA4BC04D7A695"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12716
Expires: Fri, 09 Dec 2022 06:09:00 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

216.58.211.10

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 16:26:50 GMT
expires: Tue, 05 Dec 2023 16:26:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 295814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=2oebu0&_p=1380886622&cid=573891734.1670553423&ul=en-us&sr=1280x1024&_s=1&sid=1670553422&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgvjOLp&dt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=2oebu0&_p=1380886622&cid=573891734.1670553423&ul=en-us&sr=1280x1024&_s=1&sid=1670553422&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgvjOLp&dt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-N394QBRGC0&gtm=2oebu0&_p=1380886622&cid=573891734.1670553423&ul=en-us&sr=1280x1024&_s=1&sid=1670553422&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgvjOLp&dt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://reurl.cc
date: Fri, 09 Dec 2022 02:37:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03da22be376222d03828aac28a2febcc
05a94d327b1c3a25654c4c264f7e3471dad41b84
27357db6722dbc8f411f0f735d92eb129eb074c13d96fefbf4862eb84fc72f51

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27357DB6722DBC8F411F0F735D92EB129EB074C13D96FEFBF4862EB84FC72F51"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14130
Expires: Fri, 09 Dec 2022 06:32:34 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03da22be376222d03828aac28a2febcc
05a94d327b1c3a25654c4c264f7e3471dad41b84
27357db6722dbc8f411f0f735d92eb129eb074c13d96fefbf4862eb84fc72f51

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27357DB6722DBC8F411F0F735D92EB129EB074C13D96FEFBF4862EB84FC72F51"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15676
Expires: Fri, 09 Dec 2022 06:58:20 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d96adb682ef39ebb33466026108edf9
88871a7bb3dd6956d63c9b91a9a33870ab4873f2
287f9f6b795e0f0415abf458171d03772bd2c7ceb842816c0dffa4bc04d7a695

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "287F9F6B795E0F0415ABF458171D03772BD2C7CEB842816C0DFFA4BC04D7A695"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12698
Expires: Fri, 09 Dec 2022 06:08:42 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13435
Expires: Fri, 09 Dec 2022 06:20:59 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

adcdn.holmesmind.com/adserver/Preset.js?z=13856

143.204.55.65

200 OK

789 B

URL HTTP/2
adcdn.holmesmind.com/adserver/Preset.js?z=13856
IP
143.204.55.65:0
ASN
#16509 AMAZON-02

File type
data
Size
789 B (789 bytes)
Hash
189c7a33d04b6720ea38f1398a593497
6b8fdbc88b327aaac495eb6200d72a4052313156
882144ffab91378298bb83c645ae71a73564fa3220949e0b28e683d2a14060f0

HTTP Headers

GET /adserver/Preset.js?z=13856 HTTP/1.1
Host: adcdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 02:32:37 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: juExLQTdUOOPtqeU0_Bf2xYd2mOoawNHoM1RftuENpBJaSFrzbPpjw==
age: 266
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5530 bytes)
Hash
a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDD0v-1I1sFVMsJl64nQDe_hHExMrSLXPrbou_J79YEQf3YwS2oklA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:48:13 GMT
age: 67731
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5188 bytes)
Hash
fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 34560
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7897 bytes)
Hash
8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 03:42:37 GMT
age: 82467
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11027 bytes)
Hash
8d1605154a552a8c3165c1358ea2e185
2e677da1f57c112d984180ead80481e8797ff2e8
12b075ad3e786dc68ab3fab1e4ce9d6f7810bdebc7bdafd993e19bc5bc7c0abc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11027
x-amzn-requestid: e0d56100-13aa-44e5-ae80-bedfeece87db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwV19EUOIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900359-5a5402381d61db921a00404d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ET6kgGgWAKa4_CFCgSwnN8m7FnplxP7zOp8lEyodxn5lmlIIHD4vQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:37:30 GMT
age: 79174
etag: "2e677da1f57c112d984180ead80481e8797ff2e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c.holmesmind.com/cm

35.201.76.93

302 Found

503 B

URL HTTP/2
c.holmesmind.com/cm
IP
35.201.76.93:0
ASN
#15169 GOOGLE

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

GET /cm HTTP/1.1
Host: c.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.holmesmind.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 302 Found
server: nginx/1.10.3 (Ubuntu)
date: Fri, 09 Dec 2022 02:37:03 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
set-cookie: test_cookie=CheckForPermission;Expires=Friday, 09-Dec-2022 18:38:03 CST;Domain=.holmesmind.com;Path=/;SameSite=none;secure;
location: https://c.holmesmind.com/cm?tc=getIn&
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

adcdn.holmesmind.com/adserver/Preset.js?z=14210

143.204.55.65

200 OK

20 kB

URL HTTP/2
adcdn.holmesmind.com/adserver/Preset.js?z=14210
IP
143.204.55.65:0
ASN
#16509 AMAZON-02

File type
data
Size
20 kB (19704 bytes)
Hash
aa175ea47063f2bf9d9606f883a23bdd
ed1ff2fd099caa506f80d38db560069d48b7ade4
a177b440810c1109cd81ebd058b10ce6f8f36757c47e79f7402a25feba1e09d1

HTTP Headers

GET /adserver/Preset.js?z=14210 HTTP/1.1
Host: adcdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 02:32:37 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VxF5eILNuvI3cMMJ90TmMugP6es3cRJzZPA2SUPqLvNd-PG4bjnBhQ==
age: 266
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13435
Expires: Fri, 09 Dec 2022 06:20:59 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
733f13edbe174e94eab812ebc06d857c
aa58fec1016a3761976bbe2c50d17247dba494ba
df4f66c561361cae276bb4b1595f32bfc647bdd0b38c36a5133968ee7aa40b60

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4183
Cache-Control: max-age=89141
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Etag: "6391482e-1d7"
Expires: Sat, 10 Dec 2022 03:22:45 GMT
Last-Modified: Thu, 08 Dec 2022 02:13:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde6483ed-68c7-4999-8a46-9249a82ae253.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6979 bytes)
Hash
f04d1dc05d36822d7368cdb4d19316c9
5c611ceaf8d4c79edfe37a6201d40917cebeda28
a9336a736295e694564259c4806ed96a00d20844f78f2688ed28251e62a71ceb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde6483ed-68c7-4999-8a46-9249a82ae253.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: e8dc7a72-f5b3-48cd-a82d-353bace3ed7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F8GIAMFojw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-4c62a5ea0572081c44fd601c;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iiVTNich5HpqlSgfEWIjQ60wOiemqVrn8OyjLle_xLj8WP0yPsU-dQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:16:45 GMT
age: 80419
etag: "5c611ceaf8d4c79edfe37a6201d40917cebeda28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

c.holmesmind.com/cm?tc=getIn&

35.201.76.93

200 OK

7.2 kB

URL HTTP/2
c.holmesmind.com/cm?tc=getIn&
IP
35.201.76.93:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7217 bytes)
Hash
955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe

HTTP Headers

GET /cm?tc=getIn& HTTP/1.1
Host: c.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.holmesmind.com/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 09 Dec 2022 02:37:03 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
set-cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4;Expires=Monday, 06-Dec-2032 18:37:03 CST;Domain=.holmesmind.com;Path=/;SameSite=none;secure;
test_cookie=;Expires=Thursday, 01-Jan-1970 08:00:00 CST;Domain=.holmesmind.com;Path=/;SameSite=none;secure;
Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59;Expires=Friday, 23-Dec-2022 18:37:03 CST;Domain=.holmesmind.com;Path=/;SameSite=none;secure;
C=null;Expires=Friday, 23-Dec-2022 18:37:03 CST;Domain=.holmesmind.com;Path=/;SameSite=none;secure;
RK=null;Expires=Sunday, 19-Mar-2023 18:37:03 CST;Domain=.holmesmind.com;Path=/;SameSite=none;secure;
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
733f13edbe174e94eab812ebc06d857c
aa58fec1016a3761976bbe2c50d17247dba494ba
df4f66c561361cae276bb4b1595f32bfc647bdd0b38c36a5133968ee7aa40b60

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4183
Cache-Control: max-age=89141
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Etag: "6391482e-1d7"
Expires: Sat, 10 Dec 2022 03:22:45 GMT
Last-Modified: Thu, 08 Dec 2022 02:13:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
733f13edbe174e94eab812ebc06d857c
aa58fec1016a3761976bbe2c50d17247dba494ba
df4f66c561361cae276bb4b1595f32bfc647bdd0b38c36a5133968ee7aa40b60

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4183
Cache-Control: max-age=89141
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Etag: "6391482e-1d7"
Expires: Sat, 10 Dec 2022 03:22:45 GMT
Last-Modified: Thu, 08 Dec 2022 02:13:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

i0.wp.com/golike.tw/wp-content/uploads/2022/09/LINE_ALBUM_%E4%BE%86%E5%8E%BB%E6%A1%83%E5%9C%92%E4%B8%80%E6%97%A5%E9%81%8A_220902_97.jpg?fit=1478%2C1108&ssl=1

192.0.77.2

200 OK

211 kB

URL HTTP/2
i0.wp.com/golike.tw/wp-content/uploads/2022/09/LINE_ALBUM_%E4%BE%86%E5%8E%BB%E6%A1%83%E5%9C%92%E4%B8%80%E6%97%A5%E9%81%8A_220902_97.jpg?fit=1478%2C1108&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1478x1108, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
211 kB (210600 bytes)
Hash
547193ce9a5a7281950af114301d3772
1e899a47997f83b03fc3156c821f40e993929ae1
bf5a90a389a9f8111572c77f7539408846f53aa3d71da0387151ae61b0f706c3

HTTP Headers

GET /golike.tw/wp-content/uploads/2022/09/LINE_ALBUM_%E4%BE%86%E5%8E%BB%E6%A1%83%E5%9C%92%E4%B8%80%E6%97%A5%E9%81%8A_220902_97.jpg?fit=1478%2C1108&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: image/webp
content-length: 210600
last-modified: Mon, 05 Dec 2022 09:55:11 GMT
expires: Wed, 04 Dec 2024 21:55:11 GMT
cache-control: public, max-age=63115200
link: <https://golike.tw/wp-content/uploads/2022/09/LINE_ALBUM_%E4%BE%86%E5%8E%BB%E6%A1%83%E5%9C%92%E4%B8%80%E6%97%A5%E9%81%8A_220902_97.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "123998cbdc33effb"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

img.scupio.com/js/config/currency.json

143.204.55.37

200 OK

108 B

URL HTTP/2
img.scupio.com/js/config/currency.json
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with no line terminators
Size
108 B (108 bytes)
Hash
be50d0faf9c81248cfc882392c520740
34eca29d4accc150f08373869a550d28d05f6481
3aca153e6cf75049b4ce3bd9496cf0d6760236df5560f8720e5b7192d32bccbc

HTTP Headers

GET /js/config/currency.json HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Connection: keep-alive
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 108
server: nginx/1.12.1
last-modified: Thu, 08 Dec 2022 19:15:04 GMT
accept-ranges: bytes
date: Fri, 09 Dec 2022 02:34:56 GMT
expires: Fri, 09 Dec 2022 05:34:13 GMT
cache-control: max-age=10800
etag: "639237b8-6c"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gZSS1cCc88G0uVa-6bjYCPqnagGS-xUyIAX_5PH7DGhe3aM_veay4w==
age: 171
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4b715511e526fb70461e5f4e3008d75b
d23c60c5f373b6c3baf1150fc76537c383139b17
cbc81bf10c57840cebcece1de9ee0198d7f8cf0f10d8c0a049a0652c0162c883

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:37:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 20:16:28 GMT
Expires: Tue, 13 Dec 2022 20:16:27 GMT
Etag: "d23c60c5f373b6c3baf1150fc76537c383139b17"
Cache-Control: max-age=408562,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776a5b562f26b4fa-OSL

ad2.apx.appier.net/v1/prebid/bid

34.96.119.68

307 Temporary Redirect

0 B

URL HTTP/2
ad2.apx.appier.net/v1/prebid/bid
IP
34.96.119.68:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v1/prebid/bid HTTP/1.1
Host: ad2.apx.appier.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 504
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
server: nginx/1.19.0
date: Fri, 09 Dec 2022 02:37:04 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
cache-control: no-store
location: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

reurl.cc/javascripts/loading.js

35.185.130.121

200 OK

1.7 MB

URL HTTP/2
reurl.cc/javascripts/loading.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
data
Size
1.7 MB (1650054 bytes)
Hash
76f676458c23bb6054a41906d64a3b2e
c81d60fd19a61792942995379e758f65c8817e48
5af19fe707520d8fc7843ee5b1fe10c30af4a4eea9c3d119e6737bdf4a17d4ae

HTTP Headers

GET /javascripts/loading.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/gvjOLp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 09 Dec 2022 02:37:03 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-86"
expires: Sat, 09 Dec 2023 02:37:03 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6d79d4508681802da4fb17bf59489ae
8c29d5c4150d1600b98654d2b9000827ab35a617
f6fe5f87b2ef4b258ebcd7dd7a416c835b8af93720f6872f99005ce6885673dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6FE5F87B2EF4B258EBCD7DD7A416C835B8AF93720F6872F99005CE6885673DD"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 08:37:04 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

prebid-asia.creativecdn.com/bidder/prebid/bids

103.132.192.30

204 No Content

0 B

URL HTTP/2
prebid-asia.creativecdn.com/bidder/prebid/bids
IP
103.132.192.30:0
ASN
#138552 RTB HOUSE PTE. LTD.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /bidder/prebid/bids HTTP/1.1
Host: prebid-asia.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 274
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2

ad2.apx.appier.net/v1/prebid/bid

34.96.119.68

307 Temporary Redirect

0 B

URL HTTP/2
ad2.apx.appier.net/v1/prebid/bid
IP
34.96.119.68:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v1/prebid/bid HTTP/1.1
Host: ad2.apx.appier.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 502
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
server: nginx/1.19.0
date: Fri, 09 Dec 2022 02:37:04 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
cache-control: no-store
location: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0ec12e912207a0b599ea3ad54ecf6d07
0610ed4ac707aaad421177defe1e6ff9d1cae161
3ca2c232c26d043c7f1f9b77a5e3be8628927b19d9ed9d14dc800e67ca6d4028

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3CA2C232C26D043C7F1F9B77A5E3BE8628927B19D9ED9D14DC800E67CA6D4028"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Fri, 09 Dec 2022 08:37:02 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

img.scupio.com/html/ad.html?v=1.0.65

143.204.55.37

200 OK

22 kB

URL HTTP/2
img.scupio.com/html/ad.html?v=1.0.65
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13977)
Size
22 kB (22337 bytes)
Hash
a9743429e7d4017de0a5fe52bd9ab08e
2168fd77762ffee32028b0b2bb9011e6e7475841
df4ebac78fcc9bd7cf4a38224d71d060fc3f6b61437f5221ccfdad5145c22475

HTTP Headers

GET /html/ad.html?v=1.0.65 HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
content-encoding: gzip
date: Fri, 09 Dec 2022 01:54:41 GMT
expires: Sun, 08 Jan 2023 01:53:08 GMT
cache-control: max-age=2592000
etag: W/"62fdf772-14d93"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8I6OM5Peit5ybEk0WQMjEcmdD2P3ixcJONjo5jdA2B2WlkWZdsZLyQ==
age: 2635
vary: Origin
X-Firefox-Spdy: h2

prebid-asia.creativecdn.com/bidder/prebid/bids

103.132.192.30

204 No Content

0 B

URL HTTP/2
prebid-asia.creativecdn.com/bidder/prebid/bids
IP
103.132.192.30:0
ASN
#138552 RTB HOUSE PTE. LTD.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /bidder/prebid/bids HTTP/1.1
Host: prebid-asia.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 274
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2

ad2.apx.appier.net/v1/prebid/bid

34.96.119.68

307 Temporary Redirect

0 B

URL HTTP/2
ad2.apx.appier.net/v1/prebid/bid
IP
34.96.119.68:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v1/prebid/bid HTTP/1.1
Host: ad2.apx.appier.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 502
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
server: nginx/1.19.0
date: Fri, 09 Dec 2022 02:37:04 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
cache-control: no-store
location: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

prebid-asia.creativecdn.com/bidder/prebid/bids

103.132.192.30

204 No Content

0 B

URL HTTP/2
prebid-asia.creativecdn.com/bidder/prebid/bids
IP
103.132.192.30:0
ASN
#138552 RTB HOUSE PTE. LTD.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /bidder/prebid/bids HTTP/1.1
Host: prebid-asia.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 272
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d96adb682ef39ebb33466026108edf9
88871a7bb3dd6956d63c9b91a9a33870ab4873f2
287f9f6b795e0f0415abf458171d03772bd2c7ceb842816c0dffa4bc04d7a695

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "287F9F6B795E0F0415ABF458171D03772BD2C7CEB842816C0DFFA4BC04D7A695"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12698
Expires: Fri, 09 Dec 2022 06:08:42 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

prebid-asia.creativecdn.com/bidder/prebid/bids

103.132.192.30

204 No Content

0 B

URL HTTP/2
prebid-asia.creativecdn.com/bidder/prebid/bids
IP
103.132.192.30:0
ASN
#138552 RTB HOUSE PTE. LTD.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /bidder/prebid/bids HTTP/1.1
Host: prebid-asia.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 437
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
15e3b0c296969f81335cfd2dc136478a
45c617468feb907652356179090be9fc36790b03
0388ea0c98ed3ab0a27735128f347d2c626997fb1406dfe7e54796c3245cf8d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5541
Cache-Control: max-age=122522
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Etag: "6391c545-139"
Expires: Sat, 10 Dec 2022 12:39:06 GMT
Last-Modified: Thu, 08 Dec 2022 11:06:45 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313

img.gbyhn.com.tw/2022/12/1670509392-ff3f059376186324858adbff92d7a767-840x525.png

188.114.97.1

200 OK

466 kB

URL HTTP/2
img.gbyhn.com.tw/2022/12/1670509392-ff3f059376186324858adbff92d7a767-840x525.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 840 x 525, 8-bit/color RGBA, non-interlaced\012- data
Size
466 kB (466236 bytes)
Hash
70f7e1dde00e5adc819cd500ff997782
351d99d4b20301398d082245f7505a7191435522
3a7f2b8e4475cac180a13b6fb8791340577f1d88db372cd382c01f5e5f9bffc8

HTTP Headers

GET /2022/12/1670509392-ff3f059376186324858adbff92d7a767-840x525.png HTTP/1.1
Host: img.gbyhn.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: image/png
content-length: 466236
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 14:23:42 GMT
last-modified: Thu, 08 Dec 2022 14:23:14 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 40649
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCPwDsazhYBTnUB07CifdA2cm6JGuawsHc4%2BrWaNSJGoTksZsP60cK5dJLczoCuwvND1dUARb6YM%2Br2RIVT03Lm%2BqYaidlu2VKq%2BGkA%2B7q%2Fggd2XxZZ15JbquovLQbFCAlva"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776a5b576f8d1c0e-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4b715511e526fb70461e5f4e3008d75b
d23c60c5f373b6c3baf1150fc76537c383139b17
cbc81bf10c57840cebcece1de9ee0198d7f8cf0f10d8c0a049a0652c0162c883

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:37:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 20:16:28 GMT
Expires: Tue, 13 Dec 2022 20:16:27 GMT
Etag: "d23c60c5f373b6c3baf1150fc76537c383139b17"
Cache-Control: max-age=408562,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776a5b574fcdb4fa-OSL

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0ec12e912207a0b599ea3ad54ecf6d07
0610ed4ac707aaad421177defe1e6ff9d1cae161
3ca2c232c26d043c7f1f9b77a5e3be8628927b19d9ed9d14dc800e67ca6d4028

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3CA2C232C26D043C7F1F9B77A5E3BE8628927B19D9ED9D14DC800E67CA6D4028"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Fri, 09 Dec 2022 08:37:02 GMT
Date: Fri, 09 Dec 2022 02:37:04 GMT
Connection: keep-alive

bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=31055108336

178.250.2.131

204 No Content

0 B

URL HTTP/2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=31055108336
IP
178.250.2.131:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdb?profileId=207&av=34&wv=6.21.0-pre&cb=31055108336 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 331
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:04 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://img.scupio.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

www.rayskyinvest.com/wp-content/uploads/2020/06/%E6%96%87%E7%AB%A0%E5%B0%81%E9%9D%A2size-%E5%B9%A3%E5%AE%89%E5%AE%8C%E6%95%B4%E8%A8%BB%E5%86%8A%E9%96%8B%E6%88%B6%E6%95%99%E5%AD%B8-750x375.jpg

35.197.227.153

200 OK

62 kB

URL HTTP/2
www.rayskyinvest.com/wp-content/uploads/2020/06/%E6%96%87%E7%AB%A0%E5%B0%81%E9%9D%A2size-%E5%B9%A3%E5%AE%89%E5%AE%8C%E6%95%B4%E8%A8%BB%E5%86%8A%E9%96%8B%E6%88%B6%E6%95%99%E5%AD%B8-750x375.jpg
IP
35.197.227.153:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 750x375, components 3\012- data
Size
62 kB (62460 bytes)
Hash
c9177f3332355863b057093ad231cd57
7ac949ad26e1aca11e79bb8fb29f7e06557b6010
d35ab771ece0804e3cb4034595351b1a38e472fc1ccead07dcef54dce1d81363

HTTP Headers

GET /wp-content/uploads/2020/06/%E6%96%87%E7%AB%A0%E5%B0%81%E9%9D%A2size-%E5%B9%A3%E5%AE%89%E5%AE%8C%E6%95%B4%E8%A8%BB%E5%86%8A%E9%96%8B%E6%88%B6%E6%95%99%E5%AD%B8-750x375.jpg HTTP/1.1
Host: www.rayskyinvest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: image/jpeg
content-length: 62460
last-modified: Thu, 11 Mar 2021 08:26:43 GMT
etag: "6049d443-f3fc"
expires: Thu, 07 Dec 2023 07:49:10 GMT
cache-control: max-age=31536000
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
X-Firefox-Spdy: h2

bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=98570257238

178.250.2.131

204 No Content

0 B

URL HTTP/2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=98570257238
IP
178.250.2.131:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdb?profileId=207&av=34&wv=6.21.0-pre&cb=98570257238 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 331
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:04 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://img.scupio.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/bridgewellV3.js

54.230.111.38

200 OK

4.5 kB

URL HTTP/2
cdn.holmesmind.com/js/bridgewellV3.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4530 bytes)
Hash
c3b948e5a48dd0ec20c265d6d8da7add
9fcd995d80439c19a6f8202a181143167e709685
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

HTTP Headers

GET /js/bridgewellV3.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 4530
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:05 GMT
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: RefreshHit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sW55w5IKXPC_Jf8wtFcMCrJ33kxlS_-8hPMNwZ2vZmCOeZvjSj_gwQ==
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/prebid_mainV3.js

54.230.111.38

200 OK

2.9 kB

URL HTTP/2
cdn.holmesmind.com/js/prebid_mainV3.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
2.9 kB (2948 bytes)
Hash
74ebdc32f6914abe676de8f39ed18139
8473a18aa59f435f57e4c45b48243bc5d6a657c4
60c625527519d2f5c9f477679106c665ccf15efd0083a01e42a404f3e70a590a

HTTP Headers

GET /js/prebid_mainV3.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2948
last-modified: Thu, 17 Nov 2022 07:33:16 GMT
x-amz-version-id: LtEcKp1i.dyPXOQ0XdBFKyTCWm7W87uY
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:05 GMT
etag: "74ebdc32f6914abe676de8f39ed18139"
x-cache: RefreshHit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tOw3JKf-HJzf5gMP7rQ8CWw2fmkbkJD_wnTy1i33ADMTMONdAMjQrQ==
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4832b1550e87b8313c7d9212600abab5
d83a41812e1fdf5519f678639ff7d7bcfbcb7bac
ccde06d94102bfe1e07ead7089416c15d7d843b0fa533ce6e4094cee28f899b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:37:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 21:44:58 GMT
Expires: Mon, 12 Dec 2022 21:44:57 GMT
Etag: "d83a41812e1fdf5519f678639ff7d7bcfbcb7bac"
Cache-Control: max-age=327472,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776a5b580821b4fa-OSL

creditcards.com.tw/wp-content/uploads/2022/09/%E5%8F%B0%E7%81%A3%E5%A4%A7%E8%BB%8A%E9%9A%8A%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1

192.0.78.135

200 OK

48 kB

URL HTTP/2
creditcards.com.tw/wp-content/uploads/2022/09/%E5%8F%B0%E7%81%A3%E5%A4%A7%E8%BB%8A%E9%9A%8A%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1
IP
192.0.78.135:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x630, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
48 kB (48210 bytes)
Hash
330f35998349348d53e1c9dd145ad59d
e373fe97872fd7b5522a6c8b7570c17e59cd5b57
a2497c65ddfce6584c95e71e9b5ce87e502a4ad1f5ae63c593b120d9b216fe38

HTTP Headers

GET /wp-content/uploads/2022/09/%E5%8F%B0%E7%81%A3%E5%A4%A7%E8%BB%8A%E9%9A%8A%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1 HTTP/1.1
Host: creditcards.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: image/webp
content-length: 48210
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Sep 2022 07:31:22 GMT
expires: Sat, 31 Aug 2024 19:31:22 GMT
cache-control: public, max-age=63115200
x-content-type-options: nosniff
etag: "aefd71552d3c2518"
vary: Accept
x-nc: HIT bur 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2

prebid-asia.creativecdn.com/bidder/prebid/bids

103.132.192.30

204 No Content

0 B

URL HTTP/2
prebid-asia.creativecdn.com/bidder/prebid/bids
IP
103.132.192.30:0
ASN
#138552 RTB HOUSE PTE. LTD.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /bidder/prebid/bids HTTP/1.1
Host: prebid-asia.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 437
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d7750457f7e1436e0bdcdcad7f29ac1c
5cb7cd4c3110ac32ea20582b089fd68da9794c74
a85ccc2c74e4be2e8feae8664b2f185a6e3cf715371a1e5c775d44dcc5149051

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=104737
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Etag: "63919571-117"
Expires: Sat, 10 Dec 2022 07:42:41 GMT
Last-Modified: Thu, 08 Dec 2022 07:42:41 GMT
Server: nginx
Content-Length: 279

img.racingcharger.tw/wp-content/uploads/20221206114545100.jpg

188.114.96.1

200 OK

158 kB

URL HTTP/2
img.racingcharger.tw/wp-content/uploads/20221206114545100.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1600x900, components 3\012- data
Size
158 kB (158289 bytes)
Hash
b027a1fcf3d2db85c1d51db19bb2959b
9a045565fda3cb62acdafb3d2d8c0d9488bde237
143b228f50158a573732b32e5efd8b9a3bbaf16d04e8efd51a3c3858866a429f

HTTP Headers

GET /wp-content/uploads/20221206114545100.jpg HTTP/1.1
Host: img.racingcharger.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: image/jpeg
content-length: 158289
last-modified: Tue, 06 Dec 2022 11:45:53 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 18041
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDoiKzkuwMEuXTgW1iiBgi8YTdxtHXhxtNb4n6n0bv6%2Fqjvqr0kOjTY4EMPS5Bl%2BLItAGT4FM6opUNG4r5Sl7nq5hfMjfqC6nvPaE6pgVUcuaATaG8J%2FnW%2Fv5D%2BnxrWrfqxcfCkRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776a5b592bdcb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.3723892853344921

210.59.219.180

200 OK

0 B

URL HTTP/1.1
bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.3723892853344921
IP
210.59.219.180:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /adpinline/adreqlog.aspx?cid=17229&cb=0.3723892853344921 HTTP/1.1
Host: bw.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 169
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json
Server: Microsoft-IIS/8.5
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI   Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=xsfitqirmn3gcdsulhgjzghc; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=xsfitqirmn3gcdsulhgjzghc; path=/; HttpOnly; SameSite=Lax
OrgKeyValue=CFA20221209103704413278; domain=scupio.com; expires=Thu, 09-Dec-2027 02:37:04 GMT; path=/; secure; SameSite=None
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:03 GMT
Content-Length: 0

blog.alphaloan.co/wp-content/uploads/2022/10/%E8%B2%B7%E9%9B%BB%E5%8B%95%E6%B1%BD%E8%BB%8A%E9%81%B8%E4%BF%A1%E8%B2%B8%E9%82%84%E6%98%AF%E8%BB%8A%E8%B2%B8%EF%BC%9F%E7%B4%94%E9%9B%BB%E8%BB%8A%E7%94%A8%E9%9B%BB%E5%8B%95%E8%BB%8A%E8%B2%B8%E6%AC%BE%E5%B0%88%E6%A1%88%E6%9C%80%E5%88%92%E7%AE%97%EF%BC%81-.jpg

192.0.78.236

200 OK

127 kB

URL HTTP/2
blog.alphaloan.co/wp-content/uploads/2022/10/%E8%B2%B7%E9%9B%BB%E5%8B%95%E6%B1%BD%E8%BB%8A%E9%81%B8%E4%BF%A1%E8%B2%B8%E9%82%84%E6%98%AF%E8%BB%8A%E8%B2%B8%EF%BC%9F%E7%B4%94%E9%9B%BB%E8%BB%8A%E7%94%A8%E9%9B%BB%E5%8B%95%E8%BB%8A%E8%B2%B8%E6%AC%BE%E5%B0%88%E6%A1%88%E6%9C%80%E5%88%92%E7%AE%97%EF%BC%81-.jpg
IP
192.0.78.236:0
ASN
#2635 AUTOMATTIC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, resolutionunit=2], baseline, precision 8, 1640x924, components 3\012- data
Size
127 kB (126583 bytes)
Hash
d8d6fe0fd0bf418ec99179cda60bf33d
2e7935638606630f493df4280cd1687da60e7746
8ece289c9fae84acbb22a2544ab116a875968f6656e4fc18bdda40252ca62d04

HTTP Headers

GET /wp-content/uploads/2022/10/%E8%B2%B7%E9%9B%BB%E5%8B%95%E6%B1%BD%E8%BB%8A%E9%81%B8%E4%BF%A1%E8%B2%B8%E9%82%84%E6%98%AF%E8%BB%8A%E8%B2%B8%EF%BC%9F%E7%B4%94%E9%9B%BB%E8%BB%8A%E7%94%A8%E9%9B%BB%E5%8B%95%E8%BB%8A%E8%B2%B8%E6%AC%BE%E5%B0%88%E6%A1%88%E6%9C%80%E5%88%92%E7%AE%97%EF%BC%81-.jpg HTTP/1.1
Host: blog.alphaloan.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: image/jpeg
content-length: 126583
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Oct 2022 07:38:56 GMT
etag: "63564110-1ee77"
expires: Fri, 16 Dec 2022 02:37:04 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d7750457f7e1436e0bdcdcad7f29ac1c
5cb7cd4c3110ac32ea20582b089fd68da9794c74
a85ccc2c74e4be2e8feae8664b2f185a6e3cf715371a1e5c775d44dcc5149051

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=104737
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:04 GMT
Etag: "63919571-117"
Expires: Sat, 10 Dec 2022 07:42:41 GMT
Last-Modified: Thu, 08 Dec 2022 07:42:41 GMT
Server: nginx
Content-Length: 279

bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.7068189362571269

210.59.219.180

200 OK

0 B

URL HTTP/1.1
bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.7068189362571269
IP
210.59.219.180:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /adpinline/adreqlog.aspx?cid=17253&cb=0.7068189362571269 HTTP/1.1
Host: bw.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 169
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json
Server: Microsoft-IIS/8.5
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI   Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=dr0hgksiz5f1jikuqsw3suob; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=dr0hgksiz5f1jikuqsw3suob; path=/; HttpOnly; SameSite=Lax
OrgKeyValue=CRA2022120910370450461; domain=scupio.com; expires=Thu, 09-Dec-2027 02:37:04 GMT; path=/; secure; SameSite=None
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:04 GMT
Content-Length: 0

t.ssp.hinet.net/

203.75.214.136

200 OK

4.0 kB

URL HTTP/2
t.ssp.hinet.net/
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type
data
Size
4.0 kB (3984 bytes)
Hash
b62c548100d9ee36f26d6afb226dfd6f
cc50a821d33bb6ac80f9be9fac606e72a7b03619
598f403a875ad2ea96148d34fb5e83e3729709134c1a62e1319a78a71a855000

HTTP Headers

GET / HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://reurl.cc
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: uuid=fedf9184-a3f5-4a33-bc3a-24148c13bcde; expires=Sun, 08-Dec-2024 02:37:04 GMT; Max-Age=63072000; path=/; domain=hinet.net; secure; samesite=none
strict-transport-security: max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

t.ssp.hinet.net/

203.75.214.136

200 OK

1.3 kB

URL HTTP/2
t.ssp.hinet.net/
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type
data
Size
1.3 kB (1300 bytes)
Hash
57c992f196d97da9427c554d2467f0cd
b0ed37c0a051f2b88937698e2e93710e23a46b8b
3a14470c535f31b1650cdc3c2b0e8dc13a72e428c8b68cf47ce0239798fd595b

HTTP Headers

GET / HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://reurl.cc
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: uuid=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e; expires=Sun, 08-Dec-2024 02:37:04 GMT; Max-Age=63072000; path=/; domain=hinet.net; secure; samesite=none
strict-transport-security: max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&u=https%3A%2F%2Freurl.cc%2FgvjOLp&host=reurl.cc&xr=0&w=300&h=250

162.210.196.208

204 No Content

0 B

URL HTTP/1.1
hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&u=https%3A%2F%2Freurl.cc%2FgvjOLp&host=reurl.cc&xr=0&w=300&h=250
IP
162.210.196.208:0
ASN
#30633 LEASEWEB-USA-WDC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&u=https%3A%2F%2Freurl.cc%2FgvjOLp&host=reurl.cc&xr=0&w=300&h=250 HTTP/1.1
Host: hb.aralego.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
date: Fri, 09 Dec 2022 02:37:05 GMT
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
connection: close

scontent-lcy1-1.xx.fbcdn.net/v/t45.1600-4/314495817_23852077334250652_5412996356229190293_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=108&ccb=1-7&_nc_sid=67cdda&_nc_ohc=TqRdUYl_1mQAX-E8X5g&_nc_ht=scontent-lcy1-1.xx&oh=00_AfBRuvoorUpbxKyWYb6w34fGfH-VBrZtaqwe9kkwRnx5Gw&oe=6396987A

157.240.240.1

200 OK

17 kB

URL HTTP/2
scontent-lcy1-1.xx.fbcdn.net/v/t45.1600-4/314495817_23852077334250652_5412996356229190293_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=108&ccb=1-7&_nc_sid=67cdda&_nc_ohc=TqRdUYl_1mQAX-E8X5g&_nc_ht=scontent-lcy1-1.xx&oh=00_AfBRuvoorUpbxKyWYb6w34fGfH-VBrZtaqwe9kkwRnx5Gw&oe=6396987A
IP
157.240.240.1:0
ASN
#32934 FACEBOOK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x183, components 3\012- data
Size
17 kB (16974 bytes)
Hash
6e07261366fa563d11e29b0c842d7d7a
9f94a04202d054512bc39b48799445d371a138ba
353f921303b8899ce0cc7de3859e604b58181564b9eca13a10a6d12c053704a3

HTTP Headers

GET /v/t45.1600-4/314495817_23852077334250652_5412996356229190293_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=108&ccb=1-7&_nc_sid=67cdda&_nc_ohc=TqRdUYl_1mQAX-E8X5g&_nc_ht=scontent-lcy1-1.xx&oh=00_AfBRuvoorUpbxKyWYb6w34fGfH-VBrZtaqwe9kkwRnx5Gw&oe=6396987A HTTP/1.1
Host: scontent-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 11 Nov 2022 02:56:36 GMT
x-haystack-needlechecksum: 3507917466
x-needle-checksum: 686899312
content-type: image/jpeg
content-digest: adler32=3461394291
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 16974
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/317804177_517451287071776_202408517459447862_n.jpg?stp=dst-jpg_p235x350&_nc_cat=1&ccb=1-7&_nc_sid=8024bb&_nc_ohc=4rhVyW3YzOYAX9OaeIl&_nc_ht=scontent-lcy1-1.xx&oh=00_AfCsVu6RF27HycjV-Y9R4KfgWLxZKy27pbS38QvCY7ucrA&oe=6396D5EF

157.240.240.1

200 OK

25 kB

URL HTTP/2
scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/317804177_517451287071776_202408517459447862_n.jpg?stp=dst-jpg_p235x350&_nc_cat=1&ccb=1-7&_nc_sid=8024bb&_nc_ohc=4rhVyW3YzOYAX9OaeIl&_nc_ht=scontent-lcy1-1.xx&oh=00_AfCsVu6RF27HycjV-Y9R4KfgWLxZKy27pbS38QvCY7ucrA&oe=6396D5EF
IP
157.240.240.1:0
ASN
#32934 FACEBOOK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Size
25 kB (24678 bytes)
Hash
3b7be0ae88efca6e1768192c0f09118e
16e3b4d79cfd5bd5a6175ff5110db4eb217f96bf
994e77b9ea84983465f70541f9bb11bdb7261e4ff7e7fe2d9b7a071c96f62e5c

HTTP Headers

GET /v/t39.30808-6/317804177_517451287071776_202408517459447862_n.jpg?stp=dst-jpg_p235x350&_nc_cat=1&ccb=1-7&_nc_sid=8024bb&_nc_ohc=4rhVyW3YzOYAX9OaeIl&_nc_ht=scontent-lcy1-1.xx&oh=00_AfCsVu6RF27HycjV-Y9R4KfgWLxZKy27pbS38QvCY7ucrA&oe=6396D5EF HTTP/1.1
Host: scontent-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 03 Dec 2022 16:57:36 GMT
x-haystack-needlechecksum: 3260002693
x-needle-checksum: 3807705429
content-type: image/jpeg
content-digest: adler32=3857915714
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 24678
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

t.ssp.hinet.net/

203.75.214.136

200 OK

10 kB

URL HTTP/2
t.ssp.hinet.net/
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type
data
Size
10 kB (10416 bytes)
Hash
0e5a7997be2318cebc909328a6e3abe0
dee30c23fb3c1372c755fe4ace4f63cf654ff14e
d3fed44a0f21a63ba85497229a0581dea6a2e02cd1e7e8f7f549dc8c3b768e10

HTTP Headers

GET / HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://reurl.cc
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: uuid=33ed3207-80a6-4030-9036-26195dcf063a; expires=Sun, 08-Dec-2024 02:37:04 GMT; Max-Age=63072000; path=/; domain=hinet.net; secure; samesite=none
strict-transport-security: max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

t.ssp.hinet.net/

203.75.214.136

200 OK

31 kB

URL HTTP/2
t.ssp.hinet.net/
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type
data
Size
31 kB (31345 bytes)
Hash
0339842654319ab474713cc9489db6c8
550c0d7ce786ebfc191f8819bd4a4e3c878e5aee
650a514f6d17bd56a4e5950aa42a710fe2a608f8b9e79676c0215bb4fcc9fc2b

HTTP Headers

GET / HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://reurl.cc
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: uuid=aae64491-2556-4ea7-ad8f-7cbb0cdd7ebe; expires=Sun, 08-Dec-2024 02:37:04 GMT; Max-Age=63072000; path=/; domain=hinet.net; secure; samesite=none
strict-transport-security: max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&u=https%3A%2F%2Freurl.cc%2FgvjOLp&host=reurl.cc&xr=0&w=970&h=250

162.210.196.208

204 No Content

0 B

URL HTTP/1.1
hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&u=https%3A%2F%2Freurl.cc%2FgvjOLp&host=reurl.cc&xr=0&w=970&h=250
IP
162.210.196.208:0
ASN
#30633 LEASEWEB-USA-WDC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&u=https%3A%2F%2Freurl.cc%2FgvjOLp&host=reurl.cc&xr=0&w=970&h=250 HTTP/1.1
Host: hb.aralego.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
connection: close

external-lcy1-1.xx.fbcdn.net/emg1/v/t13/17827665096760657764?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2022%2F02%2F2022-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbH3ldN41WLR5zBu9ISufEYKZDBwJCmdtzqZGxsQF5z-lw&oe=63944923&_nc_sid=698a6b

157.240.240.1

200 OK

30 kB

URL HTTP/2
external-lcy1-1.xx.fbcdn.net/emg1/v/t13/17827665096760657764?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2022%2F02%2F2022-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbH3ldN41WLR5zBu9ISufEYKZDBwJCmdtzqZGxsQF5z-lw&oe=63944923&_nc_sid=698a6b
IP
157.240.240.1:0
ASN
#32934 FACEBOOK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 476x249, components 3\012- data
Size
30 kB (29735 bytes)
Hash
c1a9620b0fc3a38b2ca43afd0ce843aa
0a3ed3eb658213836c66a7205f9b95d84ea7e945
60f5e1ea9d00b69aea6a6948d8d8db73b8c7891043da48a4b95b359897674b33

HTTP Headers

GET /emg1/v/t13/17827665096760657764?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2022%2F02%2F2022-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbH3ldN41WLR5zBu9ISufEYKZDBwJCmdtzqZGxsQF5z-lw&oe=63944923&_nc_sid=698a6b HTTP/1.1
Host: external-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 08 Dec 2022 09:15:16 GMT
content-type: image/jpeg
content-digest: adler32=2585493435
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 29735
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:05 GMT
cache-control: max-age=1209600, no-transform
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

t.ssp.hinet.net/cm?c=50ef57&cid=3245-XxgUAAiPLUYynjQK1hF8JDyci06ahavs&mp=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e

203.75.214.136

200 OK

31 kB

URL HTTP/2
t.ssp.hinet.net/cm?c=50ef57&cid=3245-XxgUAAiPLUYynjQK1hF8JDyci06ahavs&mp=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type
data
Size
31 kB (31183 bytes)
Hash
70e1488e1374fbe39c188ac1f30557d3
2c50fcad9a4805da9340032fa902db98a55955da
0556539e828b5c9d181bdd531e66dea81aecfac0a62c49d324f37e92bcc6c7d0

HTTP Headers

GET /cm?c=50ef57&cid=3245-XxgUAAiPLUYynjQK1hF8JDyci06ahavs&mp=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: uuid=c1298d8d-7f19-4f3c-b735-cc5c7baf0a7a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/png
cache-control: no-cache, private
date: Fri, 09 Dec 2022 02:37:05 GMT
access-control-allow-origin: https://reurl.cc
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

external-lcy1-1.xx.fbcdn.net/emg1/v/t13/15286241683216029812?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2022%2F11%2F2022-%E7%BE%8E%E5%9C%8B%E9%81%8B%E9%80%9A%E5%9F%BA%E6%9C%AC%E4%BB%8B%E7%B4%B9-%E5%84%AA%E6%83%A0%E5%8C%AF%E6%95%B4.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbH62JQXLWACMd69glK8W2Z1lW6H75XLM0QNqm9mCj8PIQ&oe=63940AF6&_nc_sid=698a6b

157.240.240.1

200 OK

26 kB

URL HTTP/2
external-lcy1-1.xx.fbcdn.net/emg1/v/t13/15286241683216029812?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2022%2F11%2F2022-%E7%BE%8E%E5%9C%8B%E9%81%8B%E9%80%9A%E5%9F%BA%E6%9C%AC%E4%BB%8B%E7%B4%B9-%E5%84%AA%E6%83%A0%E5%8C%AF%E6%95%B4.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbH62JQXLWACMd69glK8W2Z1lW6H75XLM0QNqm9mCj8PIQ&oe=63940AF6&_nc_sid=698a6b
IP
157.240.240.1:0
ASN
#32934 FACEBOOK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 476x249, components 3\012- data
Size
26 kB (25504 bytes)
Hash
2fca99520d9bf35955ec5297bd1907a5
053f541c38666c839e585e385c1aae9101b2ab4e
aaa662a592ef4cae1519637923de7d6b5a4e4aa696b24c0506aeb153076b3cf5

HTTP Headers

GET /emg1/v/t13/15286241683216029812?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2022%2F11%2F2022-%E7%BE%8E%E5%9C%8B%E9%81%8B%E9%80%9A%E5%9F%BA%E6%9C%AC%E4%BB%8B%E7%B4%B9-%E5%84%AA%E6%83%A0%E5%8C%AF%E6%95%B4.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbH62JQXLWACMd69glK8W2Z1lW6H75XLM0QNqm9mCj8PIQ&oe=63940AF6&_nc_sid=698a6b HTTP/1.1
Host: external-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 08:24:13 GMT
content-type: image/jpeg
content-digest: adler32=1490369935
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 25504
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:05 GMT
cache-control: max-age=1209600, no-transform
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=SbTtk5W4ABoAX_ohaNw&_nc_ht=scontent-lcy1-1.xx&oh=00_AfC2jwEGahZnsv1N2hnqL7XX5df5G2idI7IR4ZzvRzvLHA&oe=6397BA55

157.240.240.1

200 OK

1.3 kB

URL HTTP/2
scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=SbTtk5W4ABoAX_ohaNw&_nc_ht=scontent-lcy1-1.xx&oh=00_AfC2jwEGahZnsv1N2hnqL7XX5df5G2idI7IR4ZzvRzvLHA&oe=6397BA55
IP
157.240.240.1:0
ASN
#32934 FACEBOOK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1345 bytes)
Hash
2bd9f1e3cdd6f434f665ca96d5447e16
897e849a303184615443c52a6bfdc0846d9dd2d5
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

HTTP Headers

GET /v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=SbTtk5W4ABoAX_ohaNw&_nc_ht=scontent-lcy1-1.xx&oh=00_AfC2jwEGahZnsv1N2hnqL7XX5df5G2idI7IR4ZzvRzvLHA&oe=6397BA55 HTTP/1.1
Host: scontent-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
x-haystack-needlechecksum: 760809244
x-needle-checksum: 88386505
content-type: image/jpeg
content-digest: adler32=2540016234
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 1345
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

prebid.scupio.com/recweb/prebid.aspx?cb=0.8304861672068244

210.59.219.181

204 No Content

0 B

URL HTTP/1.1
prebid.scupio.com/recweb/prebid.aspx?cb=0.8304861672068244
IP
210.59.219.181:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /recweb/prebid.aspx?cb=0.8304861672068244 HTTP/1.1
Host: prebid.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 457
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://img.scupio.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:05 GMT

6bb7d3cf-e931-4d7d-a9c9-0234a48f315e.t.ssp.hinet.net/pixel?bd=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e&t=a546ca&referrer=%25%25%20referrer%20%25%25

203.75.214.136

200 OK

0 B

URL HTTP/2
6bb7d3cf-e931-4d7d-a9c9-0234a48f315e.t.ssp.hinet.net/pixel?bd=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e&t=a546ca&referrer=%25%25%20referrer%20%25%25
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?bd=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e&t=a546ca&referrer=%25%25%20referrer%20%25%25 HTTP/1.1
Host: 6bb7d3cf-e931-4d7d-a9c9-0234a48f315e.t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: uuid=c1298d8d-7f19-4f3c-b735-cc5c7baf0a7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:05 GMT
content-type: image/png
content-length: 0
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

6bb7d3cf-e931-4d7d-a9c9-0234a48f315e.t.ssp.hinet.net/pixel?bd=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e&t=50ef57&referrer=

203.75.214.136

200 OK

0 B

URL HTTP/2
6bb7d3cf-e931-4d7d-a9c9-0234a48f315e.t.ssp.hinet.net/pixel?bd=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e&t=50ef57&referrer=
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?bd=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e&t=50ef57&referrer= HTTP/1.1
Host: 6bb7d3cf-e931-4d7d-a9c9-0234a48f315e.t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: uuid=c1298d8d-7f19-4f3c-b735-cc5c7baf0a7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:05 GMT
content-type: image/png
content-length: 0
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/edmpVL.js

54.230.111.38

200 OK

10 kB

URL HTTP/2
cdn.holmesmind.com/js/edmpVL.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
C source, Unicode text, UTF-8 text, with CRLF line terminators
Size
10 kB (10022 bytes)
Hash
bb1f54e9cb2e7c9c3e3c1b5adae79ccb
ed10616cb0b3952cd5caacccef973a65d57381b3
8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f

HTTP Headers

GET /js/edmpVL.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 10022
last-modified: Tue, 27 Jun 2017 10:23:08 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:36:10 GMT
etag: "bb1f54e9cb2e7c9c3e3c1b5adae79ccb"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bzoEXuOqWo1tVZLwtiSHm8MOk_KI-f1Rk5J5Xiv7WMVMyyrzAIpFuw==
age: 56
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=872&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P

35.75.34.66

200 OK

39 kB

URL HTTP/2
ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=872&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type
data
Size
39 kB (39337 bytes)
Hash
36664254e37e9a17565ce2c8129f2b58
636aaadceef6f5a730271cbfc76a618d60696d7d
6c7d8a49b00cb3ae7a48bcc9530ad3baa7fda1d01366eaf44233d4cc48162d78

HTTP Headers

GET /adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=872&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
content-encoding: gzip
X-Firefox-Spdy: h2

img.scupio.com/js/ad.js

143.204.55.37

200 OK

28 kB

URL HTTP/2
img.scupio.com/js/ad.js
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
data
Size
28 kB (28496 bytes)
Hash
73a026bd72679bb94622857b455681ad
8c66fcf0c6b30f32a4167ab6de33ea5c19d554e4
d878698e432dcffed5d8bdb48e716c756f51d9d104801730a83da8648a3285d9

HTTP Headers

GET /js/ad.js HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 19 Sep 2022 02:16:55 GMT
content-encoding: gzip
date: Fri, 09 Dec 2022 02:37:03 GMT
expires: Fri, 09 Dec 2022 02:52:00 GMT
cache-control: max-age=900
etag: W/"6327d117-12f95"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zsnuk0ZTZcu_TVyAK2HRbl787TVCxyPSxXBvGJwmMgrN1CIRh4jeKw==
age: 3
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
181252df23fb34db3997a1e483f6ed59
ea36a6b9625ebe8f4d5d81c217b9118aa8dd5354
962b3d5361da7726a380b729dcd0f827f56bdb4d0cc85372122e5f30e4e1205d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "962B3D5361DA7726A380B729DCD0F827F56BDB4D0CC85372122E5F30E4E1205D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6458
Expires: Fri, 09 Dec 2022 04:24:43 GMT
Date: Fri, 09 Dec 2022 02:37:05 GMT
Connection: keep-alive

cdn.holmesmind.com/js/modle/ade/ade-tracker.js

54.230.111.38

200 OK

1.6 kB

URL HTTP/2
cdn.holmesmind.com/js/modle/ade/ade-tracker.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
1.6 kB (1646 bytes)
Hash
cc88de770769cdecaa524a5801120c78
5f25d39f00d22df5f4feb3059d9bc51805dade4d
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

HTTP Headers

GET /js/modle/ade/ade-tracker.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 1646
last-modified: Wed, 20 Apr 2022 09:24:31 GMT
x-amz-version-id: NaKVz_HCicjxM9ESQPttcJqfpSisoaZU
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:36:11 GMT
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z-ZzFvxsawRFi0v-etqhQodGa7HtCo2f7_HSMbIyYUvspSOFMu402A==
age: 55
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/modle/v/v_sdk.js

54.230.111.38

200 OK

192 B

URL HTTP/2
cdn.holmesmind.com/js/modle/v/v_sdk.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
192 B (192 bytes)
Hash
8644272abfaa44219b2ed3d118b43dbc
a4f4ac8d9323e3ddc5d4579bb08345530f63e38d
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

HTTP Headers

GET /js/modle/v/v_sdk.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 192
last-modified: Tue, 29 Mar 2022 07:13:07 GMT
x-amz-version-id: XbcfHlCv0YU6yVSgKouNneQhxA5kNsN1
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:36:11 GMT
etag: "8644272abfaa44219b2ed3d118b43dbc"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zFD2G_TBryfz0SIWDtDH62VpryPnM-gGmEZVlTHeVMFBRy9t4s1bQQ==
age: 55
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4188cdc21a8632a1a1bcfb1f7e48723b
c1a44e0f6b6d9a03b5fc5e5d690c49f1d138459a
203e5bbb729ab1311c2d16e09fe98ba544d298aa19ac634b1008369dc226f444

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "203E5BBB729AB1311C2D16E09FE98BA544D298AA19AC634B1008369DC226F444"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 08:37:05 GMT
Date: Fri, 09 Dec 2022 02:37:05 GMT
Connection: keep-alive

cdn.holmesmind.com/image/14355/e1c83b3a9f9016afce9892009e345898.jpg

54.230.111.38

200 OK

100 kB

URL HTTP/2
cdn.holmesmind.com/image/14355/e1c83b3a9f9016afce9892009e345898.jpg
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Size
100 kB (100401 bytes)
Hash
07b4a3871a1e4d499e115d0006138122
d974c9c6d9c1c53a57de6a90a734046d3826ff7e
f635f7f1ef51e84105ef163f7096a4b1a3b535736238487b81577e8a0cc4cdb7

HTTP Headers

GET /image/14355/e1c83b3a9f9016afce9892009e345898.jpg HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 100401
date: Fri, 09 Dec 2022 02:22:59 GMT
last-modified: Fri, 09 Dec 2022 01:06:38 GMT
etag: "07b4a3871a1e4d499e115d0006138122"
x-amz-version-id: nJpvtdjabtlKEWeYqLqaXipKX_uV9Yjb
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5oGIrahgTGE8FFkqDxEGjR5bIeMyI1CQO81ZmAwbfaDfJewkDVQ0XA==
age: 847
X-Firefox-Spdy: h2

cdn.holmesmind.com/image/14355/e1c83b3a9f9016afce9892009e345898.jpg

54.230.111.38

304 Not Modified

0 B

URL HTTP/2
cdn.holmesmind.com/image/14355/e1c83b3a9f9016afce9892009e345898.jpg
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /image/14355/e1c83b3a9f9016afce9892009e345898.jpg HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 09 Dec 2022 01:06:38 GMT
If-None-Match: "07b4a3871a1e4d499e115d0006138122"
TE: trailers

HTTP/2 304 Not Modified
date: Fri, 09 Dec 2022 02:22:59 GMT
last-modified: Fri, 09 Dec 2022 01:06:38 GMT
etag: "07b4a3871a1e4d499e115d0006138122"
x-amz-version-id: nJpvtdjabtlKEWeYqLqaXipKX_uV9Yjb
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L3ybspS1i8AW2WUdIcya4OR5Tscm7Jyv4wqXEdcXpuBXE-ENYqfDzQ==
age: 847
X-Firefox-Spdy: h2

prebid.scupio.com/recweb/prebid.aspx?cb=0.12333737018623103

210.59.219.181

204 No Content

0 B

URL HTTP/1.1
prebid.scupio.com/recweb/prebid.aspx?cb=0.12333737018623103
IP
210.59.219.181:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /recweb/prebid.aspx?cb=0.12333737018623103 HTTP/1.1
Host: prebid.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 457
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://img.scupio.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:05 GMT

prebid.scupio.com/recweb/prebid.aspx?cb=0.6572811123097783

210.59.219.181

204 No Content

0 B

URL HTTP/1.1
prebid.scupio.com/recweb/prebid.aspx?cb=0.6572811123097783
IP
210.59.219.181:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /recweb/prebid.aspx?cb=0.6572811123097783 HTTP/1.1
Host: prebid.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 404
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:05 GMT

prebid.scupio.com/recweb/prebid.aspx?cb=0.8522013960162442

210.59.219.181

204 No Content

0 B

URL HTTP/1.1
prebid.scupio.com/recweb/prebid.aspx?cb=0.8522013960162442
IP
210.59.219.181:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /recweb/prebid.aspx?cb=0.8522013960162442 HTTP/1.1
Host: prebid.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 403
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:05 GMT

prebid.scupio.com/recweb/prebid.aspx?cb=0.5932616338908295

210.59.219.181

204 No Content

0 B

URL HTTP/1.1
prebid.scupio.com/recweb/prebid.aspx?cb=0.5932616338908295
IP
210.59.219.181:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /recweb/prebid.aspx?cb=0.5932616338908295 HTTP/1.1
Host: prebid.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 403
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:05 GMT

static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

88 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
data
Size
88 kB (88439 bytes)
Hash
779cc28a35c7a8047e6af135fdf0d766
e0f8c5f5a5f1552c056c779b7a6cbf84df364808
ac8658ca1e26f87d355dc0b1d8dfbf972b2f753fb528c20733ec6d370300dba4

HTTP Headers

GET /rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 10:50:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lbhbphR1BNPxW6RqDJiiow==
x-fb-debug: uHL412O7Rk+HFmsqFfVmlQDld3+xyf6ra5jE1O6eoiul/yVns1Om5SrABoQ5NBv03Yh3h3JE/owXpKx9AR1LqA==
priority: u=3,i
content-length: 15174
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 02:37:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

139.162.40.113

307 Temporary Redirect

0 B

URL HTTP/2
gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
IP
139.162.40.113:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP/1.1
Host: gocm.c.appier.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 502
Origin: null
Referer: https://reurl.cc/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
server: nginx
date: Fri, 09 Dec 2022 02:37:05 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: null
cache-control: no-store
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=JdQId9-bCviLiO-BUZ-SYw
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: _auid=JdQId9-bCviLiO-BUZ-SYw; Path=/; Domain=c.appier.net; Expires=Sat, 09 Dec 2023 02:37:05 GMT; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

139.162.40.113

307 Temporary Redirect

0 B

URL HTTP/2
gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
IP
139.162.40.113:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP/1.1
Host: gocm.c.appier.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 502
Origin: null
Referer: https://reurl.cc/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
server: nginx
date: Fri, 09 Dec 2022 02:37:05 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: null
cache-control: no-store
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=42iXW6vZC3OTrokeUZ-SYw
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: _auid=42iXW6vZC3OTrokeUZ-SYw; Path=/; Domain=c.appier.net; Expires=Sat, 09 Dec 2023 02:37:05 GMT; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

139.162.40.113

307 Temporary Redirect

0 B

URL HTTP/2
gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
IP
139.162.40.113:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP/1.1
Host: gocm.c.appier.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 504
Origin: null
Referer: https://reurl.cc/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
server: nginx
date: Fri, 09 Dec 2022 02:37:05 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: null
cache-control: no-store
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=VrSSiuPdDuuYKWP-UZ-SYw
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: _auid=VrSSiuPdDuuYKWP-UZ-SYw; Path=/; Domain=c.appier.net; Expires=Sat, 09 Dec 2023 02:37:05 GMT; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

139.162.40.113

307 Temporary Redirect

0 B

URL HTTP/2
gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
IP
139.162.40.113:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP/1.1
Host: gocm.c.appier.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 504
Origin: null
Referer: https://reurl.cc/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
server: nginx
date: Fri, 09 Dec 2022 02:37:05 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: null
cache-control: no-store
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=ZnMXgHxuDESeLZgGUZ-SYw
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: _auid=ZnMXgHxuDESeLZgGUZ-SYw; Path=/; Domain=c.appier.net; Expires=Sat, 09 Dec 2023 02:37:05 GMT; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

img.scupio.com/img/2011_gym/970x250.png

143.204.55.37

200 OK

88 kB

URL HTTP/2
img.scupio.com/img/2011_gym/970x250.png
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
PNG image data, 970 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
88 kB (87751 bytes)
Hash
631554deae2879a2037e0edf55de2f82
56f44bfa0e33195c2ecf0524cbf985a8e23295d1
5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e

HTTP Headers

GET /img/2011_gym/970x250.png HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 87751
server: nginx/1.12.1
last-modified: Mon, 19 Apr 2021 03:31:40 GMT
accept-ranges: bytes
date: Fri, 09 Dec 2022 02:00:58 GMT
expires: Sat, 09 Dec 2023 02:00:58 GMT
cache-control: max-age=31536000
etag: "607cf99c-156c7"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4pdVJ-ipCRfT-UGykNuSYMwvzwVfUR3C9MIUy4Ktx6tHSfbmLqG6kA==
age: 2168
vary: Origin
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/prebid.json?cb=1670553423516&hb=1&ver=1.21

35.75.34.66

200 OK

1.2 kB

URL HTTP/2
ad.holmesmind.com/adserver/prebid.json?cb=1670553423516&hb=1&ver=1.21
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type
data
Size
1.2 kB (1174 bytes)
Hash
c5da937dde533029d403104e4882ca70
69a2be93d587f9a34aca0baa112d6f5c0f0bca6a
db0d68c8310ad3ad44dbd60b3a770372cadd8d04751f072970691fbf38a3d1dd

HTTP Headers

POST /adserver/prebid.json?cb=1670553423516&hb=1&ver=1.21 HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 41
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:05 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://img.scupio.com
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.publicca.hinet.net/OCSP/ocspG2

210.71.154.18

200 OK

1.8 kB

URL HTTP/1.1
ocsp.publicca.hinet.net/OCSP/ocspG2
IP
210.71.154.18:0
ASN
#3462 Data Communication Business Group

File type
data
Size
1.8 kB (1773 bytes)
Hash
b72f41850a992518935d45c068afe7ba
ad358dd2389a6e3ae2b093090bf213f93a4041ee
f283d76ffa5aa35b13ec1610964ef9e8766c4700710f94256a9e9be79761495d

HTTP Headers

POST /OCSP/ocspG2 HTTP/1.1
Host: ocsp.publicca.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:37:00 GMT
Content-Length: 1773
Content-Type: application/ocsp-response

ocsp.publicca.hinet.net/OCSP/ocspG2

210.71.154.18

200 OK

1.8 kB

URL HTTP/1.1
ocsp.publicca.hinet.net/OCSP/ocspG2
IP
210.71.154.18:0
ASN
#3462 Data Communication Business Group

File type
data
Size
1.8 kB (1773 bytes)
Hash
b72f41850a992518935d45c068afe7ba
ad358dd2389a6e3ae2b093090bf213f93a4041ee
f283d76ffa5aa35b13ec1610964ef9e8766c4700710f94256a9e9be79761495d

HTTP Headers

POST /OCSP/ocspG2 HTTP/1.1
Host: ocsp.publicca.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:37:00 GMT
Content-Length: 1773
Content-Type: application/ocsp-response

ocsp.publicca.hinet.net/OCSP/ocspG2

210.71.154.18

200 OK

1.8 kB

URL HTTP/1.1
ocsp.publicca.hinet.net/OCSP/ocspG2
IP
210.71.154.18:0
ASN
#3462 Data Communication Business Group

File type
data
Size
1.8 kB (1773 bytes)
Hash
b72f41850a992518935d45c068afe7ba
ad358dd2389a6e3ae2b093090bf213f93a4041ee
f283d76ffa5aa35b13ec1610964ef9e8766c4700710f94256a9e9be79761495d

HTTP Headers

POST /OCSP/ocspG2 HTTP/1.1
Host: ocsp.publicca.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:37:00 GMT
Content-Length: 1773
Content-Type: application/ocsp-response

t.ssp.hinet.net/utag.js

203.75.214.136

200 OK

4.2 kB

URL HTTP/2
t.ssp.hinet.net/utag.js
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type
data
Size
4.2 kB (4157 bytes)
Hash
1dd7fcbae9be36befb77c9f871fdb2b6
bc10a71c2a7355cc694869a7a5537f5b633ee8f8
28e0e6c425cbdfa1009f71ee8faae8c3228b4533e0f6bbe08a89f4325480efc4

HTTP Headers

GET /utag.js HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
vary: Accept-Encoding
etag: W/"63745fcb-142e"
expires: Fri, 09 Dec 2022 02:47:04 GMT
cache-control: max-age=600
strict-transport-security: max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.publicca.hinet.net/OCSP/ocspG2

210.71.154.18

200 OK

1.8 kB

URL HTTP/1.1
ocsp.publicca.hinet.net/OCSP/ocspG2
IP
210.71.154.18:0
ASN
#3462 Data Communication Business Group

File type
data
Size
1.8 kB (1773 bytes)
Hash
b72f41850a992518935d45c068afe7ba
ad358dd2389a6e3ae2b093090bf213f93a4041ee
f283d76ffa5aa35b13ec1610964ef9e8766c4700710f94256a9e9be79761495d

HTTP Headers

POST /OCSP/ocspG2 HTTP/1.1
Host: ocsp.publicca.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:37:00 GMT
Content-Length: 1773
Content-Type: application/ocsp-response

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
32e23db68e6459cedb27f9a1b43182b5
4bf54accce9d81647a83046153f16f328b171d1a
52f39bb67168ff0cab603f7e6c719708da5ca2db7e307b4751099865ddad4380

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5401
Cache-Control: max-age=160538
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:06 GMT
Etag: "63925a53-138"
Expires: Sat, 10 Dec 2022 23:12:44 GMT
Last-Modified: Thu, 08 Dec 2022 21:42:43 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 312

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/show_ads.js

172.217.21.162

200 OK

34 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/show_ads.js
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3583)
Size
34 kB (34239 bytes)
Hash
cfec7a5830840ff4fec9559a3d7280e6
daf4d81b07a14b336ff6005d383c392307567889
0941cce29135df31c4827b0a5d835ff0fbce73014be73f9857c574b989a00b17

HTTP Headers

GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Dec 2022 02:37:06 GMT
expires: Fri, 09 Dec 2022 02:37:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 588612896702097000
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 34239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

prebid.cht.hinet.net/api/v1/request/prebid.json

203.75.213.62

200 OK

721 B

URL HTTP/1.1
prebid.cht.hinet.net/api/v1/request/prebid.json
IP
203.75.213.62:0
ASN
#3462 Data Communication Business Group

File type
data
Size
721 B (721 bytes)
Hash
1b7f1ee9e99ac4fdd528ee0674620f9f
8c950fb02a8f1f1762d50e2ea7d3d093807a768f
062c796e3b023877c86b940646abde9893ffd9e251f14edeca839d02a3f3fe57

HTTP Headers

POST /api/v1/request/prebid.json HTTP/1.1
Host: prebid.cht.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 427
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.1
Date: Fri, 09 Dec 2022 02:37:06 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
set-cookie: uuid=5db5e1f8-aca9-48ec-85fe-d97580ccf4b0; Max-Age=864000; Path=/; SameSite=lax
uuid=5db5e1f8-aca9-48ec-85fe-d97580ccf4b0; Domain=hinet.net; Max-Age=864000; Path=/; SameSite=lax
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
vary: Origin
Strict-Transport-Security: max-age=0

prebid.cht.hinet.net/api/v1/request/prebid.json

203.75.213.62

200 OK

2 B

URL HTTP/1.1
prebid.cht.hinet.net/api/v1/request/prebid.json
IP
203.75.213.62:0
ASN
#3462 Data Communication Business Group

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /api/v1/request/prebid.json HTTP/1.1
Host: prebid.cht.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 428
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.1
Date: Fri, 09 Dec 2022 02:37:06 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
set-cookie: uuid=024a0c38-7db9-4e86-89a7-ab2ae8a41e44; Max-Age=864000; Path=/; SameSite=lax
uuid=024a0c38-7db9-4e86-89a7-ab2ae8a41e44; Domain=hinet.net; Max-Age=864000; Path=/; SameSite=lax
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
vary: Origin
Strict-Transport-Security: max-age=0

prebid.cht.hinet.net/api/v1/request/prebid.json

203.75.213.62

200 OK

2 B

URL HTTP/1.1
prebid.cht.hinet.net/api/v1/request/prebid.json
IP
203.75.213.62:0
ASN
#3462 Data Communication Business Group

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /api/v1/request/prebid.json HTTP/1.1
Host: prebid.cht.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 427
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.1
Date: Fri, 09 Dec 2022 02:37:06 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
set-cookie: uuid=317682da-eda6-4b68-ab6b-6fefd0641dcb; Max-Age=864000; Path=/; SameSite=lax
uuid=317682da-eda6-4b68-ab6b-6fefd0641dcb; Domain=hinet.net; Max-Age=864000; Path=/; SameSite=lax
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
vary: Origin
Strict-Transport-Security: max-age=0

bw.scupio.com/adpinline/bidinfo.aspx?cb=0.4764767285061313

210.59.219.180

200 OK

1.5 kB

URL HTTP/1.1
bw.scupio.com/adpinline/bidinfo.aspx?cb=0.4764767285061313
IP
210.59.219.180:0
ASN
#3462 Data Communication Business Group

File type
JSON data\012- HTML document, ASCII text, with very long lines (962), with CRLF line terminators
Size
1.5 kB (1481 bytes)
Hash
5921c9de35e056bd3eb538de5b16f895
bbc75f741dce1986c35a10fe61a13a8b29d33150
03dba50067e3289334d195afd4e8c0afcf642c9fff12ec85e29aaa9e381ad936

HTTP Headers

POST /adpinline/bidinfo.aspx?cb=0.4764767285061313 HTTP/1.1
Host: bw.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1276
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI   Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=ceditb1jmxmdz1khxjjwwq2e; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=ceditb1jmxmdz1khxjjwwq2e; path=/; HttpOnly; SameSite=Lax
OrgKeyValue=CDA20221209103706975364; domain=scupio.com; expires=Thu, 09-Dec-2027 02:37:06 GMT; path=/; secure; SameSite=None
gx=H4sIANIPk2MA%2fxNmYGDg4uY4dPvpns5na6wFWIVYOOwFmADoJTTIFwAAAA%3d%3d; domain=scupio.com; expires=Sat, 09-Dec-2023 02:37:06 GMT; path=/; secure; SameSite=None
fxc=1; domain=scupio.com; expires=Fri, 16-Dec-2022 02:37:06 GMT; path=/; secure; SameSite=None
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:06 GMT
Content-Length: 1481

bidder.criteo.com/cdb?ptv=132&profileId=184&cb=19424101079

178.250.2.131

200 OK

164 B

URL HTTP/2
bidder.criteo.com/cdb?ptv=132&profileId=184&cb=19424101079
IP
178.250.2.131:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
164 B (164 bytes)
Hash
925e57e32899887232274469d27db86e
856e4bf1fb3537f1b88fdb1fdbbc5eaca9793020
2bce86b77484acf49584354168daf3bd14fd1a6f710a2a9defa5a122b7fbdeee

HTTP Headers

POST /cdb?ptv=132&profileId=184&cb=19424101079 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 530
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:06 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://reurl.cc
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 164
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

bidder.criteo.com/cdb?ptv=132&profileId=184&cb=40803773676

178.250.2.131

200 OK

163 B

URL HTTP/2
bidder.criteo.com/cdb?ptv=132&profileId=184&cb=40803773676
IP
178.250.2.131:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
163 B (163 bytes)
Hash
ee879b828264dfa59583546e6a6013f9
7a510f2ca20a1fe7892a7b785fe6059f8683ec2b
1ad991883a525f12c48c23ae4b1f98b31d39e0c15c31540c250f9d32ebab6dbc

HTTP Headers

POST /cdb?ptv=132&profileId=184&cb=40803773676 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 522
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:06 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://reurl.cc
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 163
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

bidder.criteo.com/cdb?ptv=132&profileId=184&cb=35770553287

178.250.2.131

200 OK

163 B

URL HTTP/2
bidder.criteo.com/cdb?ptv=132&profileId=184&cb=35770553287
IP
178.250.2.131:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
163 B (163 bytes)
Hash
ecb5ac8de2c8088b48708be6258aae71
e407c1b7a0a3d83110787510de4086ba51a78922
7b094e020ec4e939ae0dfa1f70d07c90ebd6e47967f4a38b68a86bac9ba2ec0d

HTTP Headers

POST /cdb?ptv=132&profileId=184&cb=35770553287 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 522
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:06 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://reurl.cc
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 163
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

bw.scupio.com/adpinline/bidinfo.aspx?cb=0.5028751015404518

210.59.219.180

200 OK

1.5 kB

URL HTTP/1.1
bw.scupio.com/adpinline/bidinfo.aspx?cb=0.5028751015404518
IP
210.59.219.180:0
ASN
#3462 Data Communication Business Group

File type
JSON data\012- HTML document, ASCII text, with very long lines (962), with CRLF line terminators
Size
1.5 kB (1479 bytes)
Hash
b57feee5299b9bfbb76dd1bf07cf01b1
22ae9c20d573ae7fa0c2d0a3879d14885e8467d3
b5a4f1033ca0d6d749920798fe8b22b6ba893a9ad01123de2b9613a8dbb3d2ed

HTTP Headers

POST /adpinline/bidinfo.aspx?cb=0.5028751015404518 HTTP/1.1
Host: bw.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 920
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI   Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=v5flit45tvdppxoxyai5bbz1; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=v5flit45tvdppxoxyai5bbz1; path=/; HttpOnly; SameSite=Lax
OrgKeyValue=CYA20221209103706912942; domain=scupio.com; expires=Thu, 09-Dec-2027 02:37:06 GMT; path=/; secure; SameSite=None
gx=H4sIANIPk2MA%2fxNmYGDg4ua4sHj2vs5na6wFWIVYOOwFmACwe84hFwAAAA%3d%3d; domain=scupio.com; expires=Sat, 09-Dec-2023 02:37:06 GMT; path=/; secure; SameSite=None
fxc=1; domain=scupio.com; expires=Fri, 16-Dec-2022 02:37:06 GMT; path=/; secure; SameSite=None
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:06 GMT
Content-Length: 1479

secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac

104.85.187.217

301 Moved Permanently

0 B

URL HTTP/2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
IP
104.85.187.217:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
date: Fri, 09 Dec 2022 02:37:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMjEyMDkxMDM3MDY5NzUzNjQ%3d&layout=js

216.58.207.226

302 Found

368 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMjEyMDkxMDM3MDY5NzUzNjQ%3d&layout=js
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
368 B (368 bytes)
Hash
a8d0e85a59ffa5e997af645b4a678368
ffabeb1aed99da6cb5a1a01a38f5b3e2abb79017
7c1117dc08e314f98374cf2bea73fdef23cc011d569b6065299d95e86a3b5eea

HTTP Headers

GET /pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMjEyMDkxMDM3MDY5NzUzNjQ%3d&layout=js HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q0RBMjAyMjEyMDkxMDM3MDY5NzUzNjQ%3D&layout=js&google_tc=
date: Fri, 09 Dec 2022 02:37:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 368
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 02:52:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

104.88.9.101

200 OK

233 B

URL HTTP/1.1
eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
IP
104.88.9.101:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
233 B (233 bytes)
Hash
6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180

HTTP Headers

GET /usync.html?p=xapi-bridgewell&endpoint=apac HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://img.scupio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 02:37:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wp.re-news.tw/wp-content/uploads/2022/11/pic2.png

35.185.136.122

200 OK

685 kB

URL HTTP/2
wp.re-news.tw/wp-content/uploads/2022/11/pic2.png
IP
35.185.136.122:0
ASN
#15169 GOOGLE

File type
PNG image data, 1584 x 779, 8-bit/color RGBA, non-interlaced\012- data
Size
685 kB (685184 bytes)
Hash
36b2f4ec5641aa56d729cf76c0f3c59b
9b9b31e1b1b52e11dd09f9a7a6b12cd08c15d895
e25d59657b08bb4df9cbc2b13536bb5825c12e92e3c9bbd3b346390acdf0de4e

HTTP Headers

GET /wp-content/uploads/2022/11/pic2.png HTTP/1.1
Host: wp.re-news.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 09 Dec 2022 02:37:05 GMT
content-type: image/png
content-length: 685184
last-modified: Sat, 05 Nov 2022 05:13:12 GMT
etag: "a7480-5ecb23f3cd354"
accept-ranges: bytes
X-Firefox-Spdy: h2

sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CDA20221209103706975364

192.96.203.13

302 Found

111 B

URL HTTP/1.1
sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CDA20221209103706975364
IP
192.96.203.13:0
ASN
#30633 LEASEWEB-USA-WDC

File type
ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
febc6b9a3cb9696ca0b2b57e73dc10ce
21ce8fe59a6c6ea57df6d616aaf10f06fc63dc2c
cc380f03ace5d06dc78f11ad4be2acdc1700991ef995b65b1913322bacfa71ff

HTTP Headers

GET /idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CDA20221209103706975364 HTTP/1.1
Host: sync.aralego.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Set-Cookie: sspid=d46fa354-9b29-31c8-bcbc-9af747ba5c72; Domain=.aralego.com; Path=/; Expires=Sat, 09 Dec 2023 02:37:07 GMT; Secure; SameSite=None
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8
Content-Length: 111
Date: Fri, 09 Dec 2022 02:37:07 GMT
Connection: close

video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-abr-ibr-audio/200963182457341.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AfBFbgnZ9OK2TyZijkxaNJkPedAoRAE12nJVGb28Eq_4Rw&oe=639411A2

157.240.240.2

200 OK

1.5 kB

URL HTTP/2
video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-abr-ibr-audio/200963182457341.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AfBFbgnZ9OK2TyZijkxaNJkPedAoRAE12nJVGb28Eq_4Rw&oe=639411A2
IP
157.240.240.2:0
ASN
#32934 FACEBOOK

File type
XML 1.0 document text\012- XML document, ASCII text
Size
1.5 kB (1481 bytes)
Hash
00085408f70acc372b60da2f13146fe3
3165381f3ad4db8d10b15f56bad1a1df3245b6e4
9b48a36b254347c2282f04868a44b0e7672fbcb7e781f253ee967e0e198277bb

HTTP Headers

GET /hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-abr-ibr-audio/200963182457341.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AfBFbgnZ9OK2TyZijkxaNJkPedAoRAE12nJVGb28Eq_4Rw&oe=639411A2 HTTP/1.1
Host: video-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
etag: e73b7c7dccd195b33d6ec60c1947a066
x-fb-content-creation-ts: 1670553427
content-type: application/dash+xml
x-fb-latest-segment-ts: 1324106
content-encoding: gzip
content-length: 1481
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=1
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1
x-fb-trip-id: 207616858
date: Fri, 09 Dec 2022 02:37:07 GMT
x-fb-edge-hit: 0
x-fb-edge-debug: 5h3XfN8oMSir6vKYYZ5i4ie87vvRArAGWLMWPodR_oqSkicYiZbrOSLOI47K54EwCWmUt0Y4unXyUUMWM-EFpMRNxc9ACj17iKrPFYSved8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: https://www.facebook.com
vary: Origin, Origin
X-Firefox-Spdy: h2

157.240.240.2

200 OK

1.5 kB

URL HTTP/2
video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-abr-ibr-audio/200963182457341.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AfBFbgnZ9OK2TyZijkxaNJkPedAoRAE12nJVGb28Eq_4Rw&oe=639411A2
IP
157.240.240.2:0
ASN
#32934 FACEBOOK

File type
XML 1.0 document text\012- XML document, ASCII text
Size
1.5 kB (1481 bytes)
Hash
00085408f70acc372b60da2f13146fe3
3165381f3ad4db8d10b15f56bad1a1df3245b6e4
9b48a36b254347c2282f04868a44b0e7672fbcb7e781f253ee967e0e198277bb

HTTP Headers

GET /hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-abr-ibr-audio/200963182457341.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AfBFbgnZ9OK2TyZijkxaNJkPedAoRAE12nJVGb28Eq_4Rw&oe=639411A2 HTTP/1.1
Host: video-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
etag: e73b7c7dccd195b33d6ec60c1947a066
x-fb-content-creation-ts: 1670553427
content-type: application/dash+xml
x-fb-latest-segment-ts: 1324106
content-encoding: gzip
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=1
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1
content-length: 1481
x-fb-trip-id: 207616858
date: Fri, 09 Dec 2022 02:37:07 GMT
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: https://www.facebook.com
vary: Origin, Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/adsid/integrator.js?domain=reurl.cc

142.250.74.162

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=reurl.cc
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=reurl.cc HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 02:37:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/av?p=13534:64025:138987:b51e51974a7fafe7da83634643d23ea8:14355&type=0

35.75.34.66

200 OK

24 kB

URL HTTP/2
ad.holmesmind.com/adserver/av?p=13534:64025:138987:b51e51974a7fafe7da83634643d23ea8:14355&type=0
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type
data
Size
24 kB (23730 bytes)
Hash
b4b70a09147762ea1cca0230081c423b
9c82a9a94b663c3da3001f0b810de434fa2a7a51
d3e74b96016d25ebe999345b3777631711b04991f98eaa7b31b9af4e7adc8d3e

HTTP Headers

GET /adserver/av?p=13534:64025:138987:b51e51974a7fafe7da83634643d23ea8:14355&type=0 HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:05 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.js?domain=reurl.cc

216.58.207.194

200 OK

100 B

URL HTTP/2
adservice.google.com/adsid/integrator.js?domain=reurl.cc
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=reurl.cc HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 02:37:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bidder.criteo.com/csm/events

178.250.2.131

204 No Content

0 B

URL HTTP/2
bidder.criteo.com/csm/events
IP
178.250.2.131:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 266
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:06 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://reurl.cc
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

t.ssp.hinet.net/

203.75.214.136

200 OK

322 B

URL HTTP/2
t.ssp.hinet.net/
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type
data
Size
322 B (322 bytes)
Hash
13325355c6bbf507645da0e73d07536f
cfd074f35f6da5922c4bae7d3a10ee0c8e133c5e
3a174fad0ab885d6531fbddf5f2c23ab3007a642bf6df12cd94503fe553d6d4c

HTTP Headers

GET / HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.holmesmind.com
Connection: keep-alive
Referer: https://cdn.holmesmind.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://cdn.holmesmind.com
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: uuid=c1298d8d-7f19-4f3c-b735-cc5c7baf0a7a; expires=Sun, 08-Dec-2024 02:37:04 GMT; Max-Age=63072000; path=/; domain=hinet.net; secure; samesite=none
strict-transport-security: max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

eus.rubiconproject.com/usync.js

104.88.9.101

200 OK

10 kB

URL HTTP/1.1
eus.rubiconproject.com/usync.js
IP
104.88.9.101:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (18728)
Size
10 kB (10067 bytes)
Hash
8deb7dbc8b2c345210076315246d243e
48da2b0f96ae0319416cd069c090acef1217dd08
792653092209c4e0ac57fbffab14833a2d9c4cbf4e7d37ff12aa82aa57efc152

HTTP Headers

GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 08 Dec 2022 23:42:39 GMT
Content-Encoding: gzip
Content-Length: 10067
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=75915
Expires: Fri, 09 Dec 2022 23:42:22 GMT
Date: Fri, 09 Dec 2022 02:37:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
61774d39caf6116c5f631a66e57630f4
5e26a41cc5e6409e441b1a40a150e70e331fe58a
a98d67df9ebfa7282ceec988489abadc2737b5e029e1f1cc514612681ec0ca80

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5322
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Last-Modified: Fri, 09 Dec 2022 01:08:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313

img.scupio.com/html/ls.html

143.204.55.37

200 OK

1.2 kB

URL HTTP/2
img.scupio.com/html/ls.html
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
data
Size
1.2 kB (1150 bytes)
Hash
d15c9f1d36d39ec76bb513234e3be9e3
7d24901a2aff0584bce520fd9252400c96b82f80
4eed2cf3b171a6be77deaddccc8cccfecd03c8599347f3672401deb1c941da63

HTTP Headers

GET /html/ls.html HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
content-encoding: gzip
date: Fri, 09 Dec 2022 01:55:00 GMT
expires: Fri, 16 Dec 2022 01:53:59 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RsQd4PkDfJXKKQgqRkix1J8rve7KC_Vy5UgFyBD9kwxCHkVsNvkdNA==
age: 2587
vary: Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:07 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=ZQJj7180M0RITmhlJTJCZkMwOUJGQlhaMUN2czdjWW5VTnJ6d1NQdXg4eW9ObWZxS1VIMXcxYzNTMkJUJTJGaEdzUW5BMmJ4cw; expires=Wed, 03 Jan 2024 02:37:07 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 297866
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

151.101.66.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1414 bytes)
Hash
3cf813a44cc02d608dc11481d656f79f
a1241d7aadaa567a01d71929c10d70730e5f1d3a
4afefc47ddcc96c43ecf7f30075c57bbfc8c6863366d80007511cd15ad721f2f

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 13 Dec 2022 02:08:39 GMT
ETag: "a1241d7aadaa567a01d71929c10d70730e5f1d3a"
Last-Modified: Fri, 09 Dec 2022 02:08:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 09 Dec 2022 02:37:07 GMT
Age: 1707
X-Served-By: cache-qpg1235-QPG, cache-bma1681-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 24, 3
X-Timer: S1670553428.781772,VS0,VE0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18cc322e73c8b494d8f43b0922588f04
e328ef83b8b4735aa93cd68ab1eb850f16c10c81
4f8f8fa8fd32fb03501eedd8474a922a448744d0464844314923ba1672c995bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:06 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=2d2tZF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSzZxN1dzNHZ0Y2M2V2s0eVBYJTJGbzc1; expires=Wed, 03 Jan 2024 02:37:07 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 289587
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

35.71.131.137

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://img.scupio.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:07 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
b9fca58b89602b3894ef9642bc27ea3a
e6e8e93b2e314a95eedf178e69c20c4e4a2c55b8
ec626f763a90a8ffcd5979a3a862b6f36a2ae70c17c3e48d9d6b439e2997d943

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5561
Cache-Control: max-age=118593
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Etag: "6391b5db-139"
Expires: Sat, 10 Dec 2022 11:33:40 GMT
Last-Modified: Thu, 08 Dec 2022 10:00:59 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
b9fca58b89602b3894ef9642bc27ea3a
e6e8e93b2e314a95eedf178e69c20c4e4a2c55b8
ec626f763a90a8ffcd5979a3a862b6f36a2ae70c17c3e48d9d6b439e2997d943

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5560
Cache-Control: max-age=118592
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:07 GMT
Etag: "6391b5db-139"
Expires: Sat, 10 Dec 2022 11:33:39 GMT
Last-Modified: Thu, 08 Dec 2022 10:00:59 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313

googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986

142.250.74.162

200 OK

24 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (57933), with no line terminators
Size
24 kB (24321 bytes)
Hash
97f34fd2f3bd795b4c0facb539a25c89
daef67d4cfb64161c8066fc81ff22e13fd51e09f
ab7cb7d2670d52c061cec86721b09d26e6806f763166b9633a44ceb82d061429

HTTP Headers

GET /pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653020618&pi=t.ma~as.2784%2F14210&w=300&url=https%3A%2F%2Freurl.cc%2FgvjOLp&ea=0&wgl=1&dt=1670553425898&bpp=15&bdt=M&idt=856&shv=r20221206&mjsv=m202212060101&ptt=5&saldr=sa&correlator=3804882616186&frm=23&ife=1&pv=2&ga_vid=573891734.1670553423&ga_sid=1670553427&ga_hid=567915816&ga_fc=1&nhd=2&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=484&ady=108&biw=1268&bih=939&isw=300&ish=250&ifk=1900172581&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44777506%2C31071250&oid=2&pvsid=1104544433664311&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e7wpsoup1w8c&fsb=1&dtd=986 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Dec 2022 02:37:07 GMT
server: cafe
content-length: 24321
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 02:52:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 02:37:07 GMT
cache-control: private
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

178.250.2.146

200 OK

84 kB

URL HTTP/2
gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
84 kB (83731 bytes)
Hash
7b85f34dce130ee971e21117bcdf974e
9ee3c64bf8d00d3cece7c4aa3317951c8f2b320b
d3634ff851a0bda8d77dc2548da14e5114e915688c8747a7ea784346b94646e8

HTTP Headers

GET /syncframe?origin=publishertag&topUrl=reurl.cc HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:06 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=a3cbb7f8-bd03-4561-b121-2c2763e27294; expires=Wed, 03 Jan 2024 02:37:06 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 675383
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.4189874881359349

210.59.219.180

200 OK

160 B

URL HTTP/1.1
bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.4189874881359349
IP
210.59.219.180:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with no line terminators
Size
160 B (160 bytes)
Hash
dede670e27a5bdde04e5ff234d456fef
563f497be2d0f5cc7f805048d0c2595db3fe0875
cad52cb23d0f73f0692cbc88dd45d8a2e526658435eee138e869da10a6d76b66

HTTP Headers

GET /ssp/initid.aspx?mode=L&cb=0.4189874881359349 HTTP/1.1
Host: bw.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=wvpojbvkcvprh3ondqkthu2o; path=/; HttpOnly; SameSite=Lax
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI   Sa OTPa OUR STP IND UNI COM NAV INT STA "
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:07 GMT
Content-Length: 160

adcdn.holmesmind.com/adserver/Preset.js?z=13847

143.204.55.65

200 OK

936 B

URL HTTP/2
adcdn.holmesmind.com/adserver/Preset.js?z=13847
IP
143.204.55.65:0
ASN
#16509 AMAZON-02

File type
data
Size
936 B (936 bytes)
Hash
403f805abcc2b5f8a720f07f86183530
4c0ebd944fe82e76c9f6d9c219beee01d7a6fe72
ce4e111561254583936add56848c93406985c21581dae2b43f62d73ace1d5ca3

HTTP Headers

GET /adserver/Preset.js?z=13847 HTTP/1.1
Host: adcdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 02:32:37 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 568aNF04ZWLWMqOl1D-gCvj2SB4WmOMLztfnXNwkDb7crb0ZC137rw==
age: 266
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

185.235.84.165

200 OK

304 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.165:0
ASN
#44788 Criteo SA

File type
data
Size
304 B (304 bytes)
Hash
9563645d0a8c3578fc96556619d2a773
c3f9c6589a7c0b4b37f18befdca747df2011a464
85764105ba24ae182d4a3bc15bddc7132f746a70177cf0354251c1059aafc0db

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 164341
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-v/200963182457341_0-init.m4v?ms=m_C&ccb=2-4&sc_t=1

157.240.240.2

200 OK

658 B

URL HTTP/2
video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-v/200963182457341_0-init.m4v?ms=m_C&ccb=2-4&sc_t=1
IP
157.240.240.2:0
ASN
#32934 FACEBOOK

File type
ISO Media, MP4 Base Media v6 \012- data
Size
658 B (658 bytes)
Hash
4f780e3ccc5a3010a690f4b899dae687
2261da913eeaa92a81ed1b69ad40700891d2e8da
799da09ca63ed01c599ccd8cb9c4b6972932cf3deb1fdc07947c104a2e52af9c

HTTP Headers

GET /hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-v/200963182457341_0-init.m4v?ms=m_C&ccb=2-4&sc_t=1 HTTP/1.1
Host: video-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: video/mp4
etag: f834e46a332b395a9dbecbc9f8e853f6
x-fb-video-livetrace-encoding: dash-lp-qd
content-length: 658
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=900
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1
x-fb-trip-id: 207616858
x-fb-response-time-ms: 104
date: Fri, 09 Dec 2022 02:37:08 GMT
x-fb-video-livetrace-parentsource: CDN:elb:M:lcy1c01:dash-lp-qd:8036
x-fb-edge-hit: 0
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-v/200963182457341_0-1320106.m4v?ms=m_C&ccb=2-4&sc_t=1

157.240.240.2

200 OK

36 kB

URL HTTP/2
video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-v/200963182457341_0-1320106.m4v?ms=m_C&ccb=2-4&sc_t=1
IP
157.240.240.2:0
ASN
#32934 FACEBOOK

File type
data
Size
36 kB (35692 bytes)
Hash
963be7f9c74bfb655fac4c44aff59d38
b493aeb19b9b40f69e8c9c36f9571eb1254bd878
b2d3ac1aed6be86cfa21db7ad97e3e2a153213212c1fb53bfd7f0de8ad553048

HTTP Headers

GET /hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-v/200963182457341_0-1320106.m4v?ms=m_C&ccb=2-4&sc_t=1 HTTP/1.1
Host: video-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: video/mp4
etag: fffee49b76dbe70376b66fb65576b543
x-fb-video-livetrace-ids: 3071286660:1321240
x-fb-video-livetrace-encoding: dash-lp-qd
content-length: 35692
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=900
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1
x-fb-trip-id: 207616858
x-fb-response-time-ms: 105
date: Fri, 09 Dec 2022 02:37:08 GMT
x-fb-video-livetrace-parentsource: CDN:elb:M:lcy1c01:dash-lp-qd:8045
x-fb-edge-hit: 0
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-a/200963182457341_0-1320106.m4a?ms=m_C&ccb=2-4&sc_t=1

157.240.240.2

200 OK

25 kB

URL HTTP/2
video-lcy1-1.xx.fbcdn.net/hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-a/200963182457341_0-1320106.m4a?ms=m_C&ccb=2-4&sc_t=1
IP
157.240.240.2:0
ASN
#32934 FACEBOOK

File type
data
Size
25 kB (24705 bytes)
Hash
6f96897bb2d9e73aed6300a7f42c3e41
28a116297a65e39598219130efab37f05fbb3e1c
440b2a3a34c9b808232a2cc05bc36504e71047624e0f4b76520b5bbcb244fcde

HTTP Headers

GET /hvideo-pnb-vll/_nc_cat-103/_nc_sr_t-4/v/rASdYK9QIU7WjgIAqvBWFcveYwTTpaN1I0Nnq4xrtK5w_2A/_nc_ohc-01b1Xd8FDJEAX9rd0ZE/live-dash/dash-lp-qd-a/200963182457341_0-1320106.m4a?ms=m_C&ccb=2-4&sc_t=1 HTTP/1.1
Host: video-lcy1-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: video/mp4
etag: 7db36a4703a59b3beb9f89d81145610c
x-fb-video-livetrace-encoding: dash-lp-qd
content-length: 24705
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=900
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1
priority: u=3,i
x-fb-trip-id: 207616858
x-fb-response-time-ms: 108
date: Fri, 09 Dec 2022 02:37:08 GMT
x-fb-video-livetrace-parentsource: CDN:elb:M:lcy1c01:dash-lp-qd:8046
x-fb-edge-hit: 0
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f699af9ca7843cb9e6a1b7576c2940c
cce981996a863a63f9a8c497fbcebf5eae75607f
1c89b2002df4a7655407dab0a7d4d8bb74a3f8f7ef72d62c649a08a7b6cb64e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f699af9ca7843cb9e6a1b7576c2940c
cce981996a863a63f9a8c497fbcebf5eae75607f
1c89b2002df4a7655407dab0a7d4d8bb74a3f8f7ef72d62c649a08a7b6cb64e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

216.58.207.193

200 OK

9.4 kB

URL HTTP/2
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1592)
Size
9.4 kB (9443 bytes)
Hash
5a5aa8d035ffaad9c0b8653b0a412d2f
f09fe4da7a3d328089a611e314d326aa5cb598f5
de6d29b666b737e039c2de5bedaf81dda437c47a79e17d0d10f188358916187a

HTTP Headers

GET /pagead/js/r20221206/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9443
x-xss-protection: 0
date: Thu, 08 Dec 2022 18:25:11 GMT
expires: Thu, 22 Dec 2022 18:25:11 GMT
cache-control: public, max-age=1209600
age: 29517
etag: 9828741834572772835
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

216.58.207.193

200 OK

7.5 kB

URL HTTP/2
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1542)
Size
7.5 kB (7480 bytes)
Hash
6f59900fa87e133bae329372aebefe36
260937d2934233c07b112f3564ec9eca7b529fd7
156c12ec7d6973b5742504716567b70740dd66bee9cc0e1a1608df56e77011fd

HTTP Headers

GET /pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7480
x-xss-protection: 0
date: Thu, 08 Dec 2022 18:25:11 GMT
expires: Thu, 22 Dec 2022 18:25:11 GMT
cache-control: public, max-age=1209600
age: 29517
etag: 15631949847000551034
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CYA20221209103706912942

192.96.203.13

302 Found

111 B

URL HTTP/1.1
sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CYA20221209103706912942
IP
192.96.203.13:0
ASN
#30633 LEASEWEB-USA-WDC

File type
ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
febc6b9a3cb9696ca0b2b57e73dc10ce
21ce8fe59a6c6ea57df6d616aaf10f06fc63dc2c
cc380f03ace5d06dc78f11ad4be2acdc1700991ef995b65b1913322bacfa71ff

HTTP Headers

GET /idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CYA20221209103706912942 HTTP/1.1
Host: sync.aralego.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Set-Cookie: sspid=d46fa354-9b29-31c8-bcbc-9af747ba5c72; Domain=.aralego.com; Path=/; Expires=Sat, 09 Dec 2023 02:37:08 GMT; Secure; SameSite=None
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8
Content-Length: 111
Date: Fri, 09 Dec 2022 02:37:08 GMT
Connection: close

bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.6883085775780955

210.59.219.180

200 OK

160 B

URL HTTP/1.1
bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.6883085775780955
IP
210.59.219.180:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with no line terminators
Size
160 B (160 bytes)
Hash
f7c9914078c37ec73b2b4bb32f4a7b79
78801c448f0f1a6d0c8bfa2f2f48c0f7e3672a8f
81564f4156dc43418ba68bbd59dda12885bf38561f77b58ed86ba0112dcb3eac

HTTP Headers

GET /ssp/initid.aspx?mode=L&cb=0.6883085775780955 HTTP/1.1
Host: bw.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=p2ix330xtxghqwefwmazjxbv; path=/; HttpOnly; SameSite=Lax
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI   Sa OTPa OUR STP IND UNI COM NAV INT STA "
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:07 GMT
Content-Length: 160

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bidder.criteo.com/csm/events

178.250.2.131

204 No Content

0 B

URL HTTP/2
bidder.criteo.com/csm/events
IP
178.250.2.131:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 311
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:08 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://reurl.cc
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

bidder.criteo.com/csm/events

178.250.2.131

204 No Content

0 B

URL HTTP/2
bidder.criteo.com/csm/events
IP
178.250.2.131:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 309
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 09 Dec 2022 02:37:07 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://reurl.cc
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

p4-f2hyhjpf3kzqu-ewnn6utaftsrgvu5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

142.250.74.131

200 OK

202 B

URL HTTP/2
p4-f2hyhjpf3kzqu-ewnn6utaftsrgvu5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
202 B (202 bytes)
Hash
216983dd5e34757a6ba7e38c8a323ef6
1a42c64deaf6be13bafc24d975c6d3f44222292c
db5757cd3f5b85815c2be92f312427c3d8302b5af1a00d260c759c085b61d339

HTTP Headers

GET /v6exp3/redir.html HTTP/1.1
Host: p4-f2hyhjpf3kzqu-ewnn6utaftsrgvu5-if-v6exp3-v4.metric.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-9FL1pRnKataI9KnHH0bLHQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 202
date: Fri, 09 Dec 2022 02:37:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dnacdn.net/dna

178.250.2.146

200 OK

199 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
199 B (199 bytes)
Hash
584524d13ba99a4c06d4f1f0a172c803
9a101ca7eb1d9afdfc74793b1069e0af9a5834d9
8642109a0c30e8fb381055f58cd69d0be1e8d4b8fe2d7d222083bf26149175be

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=2d2tZF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSzZxN1dzNHZ0Y2M2V2s0eVBYJTJGbzc1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=b4a_al80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSlQwRHV2U0xFSEpsejFnTUVyNFFyNA; expires=Wed, 03 Jan 2024 02:37:08 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 382415
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/drt/ui

142.250.74.164

302 Found

0 B

URL HTTP/2
www.google.com/pagead/drt/ui
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 02:37:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

185.235.84.148

200 OK

515 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
185.235.84.148:0
ASN
#44788 Criteo SA

File type
data
Size
515 B (515 bytes)
Hash
bc0cd43ceed636a4f2039d83e402681c
f5c063bbff351c71534e8f7e480b65bc14649f4e
468de383eda455306848f10a67187090e602e3c9aead418098a84b318d9d0a44

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 86804
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=b4a_al80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSlQwRHV2U0xFSEpsejFnTUVyNFFyNA&idsd=1590629402,802081309

178.250.2.146

200 OK

524 B

URL HTTP/2
gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=b4a_al80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSlQwRHV2U0xFSEpsejFnTUVyNFFyNA&idsd=1590629402,802081309
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
524 B (524 bytes)
Hash
06d162064c97b3b6ac86243f2373d840
64626fffa85eb2c824674be612fa843fd6c145c9
5b9a4705cc0a256c4339b451c0be3dcfbeb860e273173bddc6e6e2ffb9c95c83

HTTP Headers

GET /sid/json?origin=publishertag&domain=img.scupio.com&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=b4a_al80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSlQwRHV2U0xFSEpsejFnTUVyNFFyNA&idsd=1590629402,802081309 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1299904
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1

178.250.2.146

200 OK

320 B

URL HTTP/2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
320 B (320 bytes)
Hash
612385f47e81782688a731707cfc9dc0
cd7ece17c6909f51a5af22f94ca986b4ab47d593
b21c4a13aec8192ead567526656068c9e0163abe6ad9bc6ce55c16ff01d28f18

HTTP Headers

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
server-processing-duration-in-ticks: 1191815
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10ae015a481b29d89da500c7d98243cf
11c12f0aeda31b6da539b9e6022033e29a124307
d654fa17b63be027de9d2554c7dc0c2d83bd57c8b343734e7f5d9d73bd87d8ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5424
Cache-Control: max-age=86413
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:08 GMT
Etag: "639138b1-1d7"
Expires: Sat, 10 Dec 2022 02:37:21 GMT
Last-Modified: Thu, 08 Dec 2022 01:06:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10ae015a481b29d89da500c7d98243cf
11c12f0aeda31b6da539b9e6022033e29a124307
d654fa17b63be027de9d2554c7dc0c2d83bd57c8b343734e7f5d9d73bd87d8ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5351
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:08 GMT
Last-Modified: Fri, 09 Dec 2022 01:07:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

token.rubiconproject.com/token?pid=36584

213.19.162.80

204 No Content

0 B

URL HTTP/1.1
token.rubiconproject.com/token?pid=36584
IP
213.19.162.80:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /token?pid=36584 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3

gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1

178.250.2.146

200 OK

22 B

URL HTTP/2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
91d4898f938e4920ac88f87453b33933
1bd4a04303c2501101656075ad8304e1a84eb91e
93ecc6762eafd376cbe2fd18250fa9f12c90f9a86b481430ef29ec40716d8f35

HTTP Headers

OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://img.scupio.com/
Origin: https://img.scupio.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
server-processing-duration-in-ticks: 434491
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

dmp.brand-display.com/cm/api/rubicon

34.111.151.213

302 Found

121 B

URL HTTP/2
dmp.brand-display.com/cm/api/rubicon
IP
34.111.151.213:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text
Size
121 B (121 bytes)
Hash
b06bd98690496e2a7004c4f297978b1d
8c163d4230f49d8c6122951e6308891e07a7565c
7a824ffdd49dc12635d97d0e82919d9e3345c7e60976e994c9d681b66f5f6764

HTTP Headers

GET /cm/api/rubicon HTTP/1.1
Host: dmp.brand-display.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.1
date: Fri, 09 Dec 2022 02:37:08 GMT
content-type: text/html; charset=utf-8
content-length: 121
access-control-allow-origin: *
cache-control: max-age=3600
location: https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=ed0fc728-606a-18d3-5112c591
p3p: CP='This is not a P3P policy!'
set-cookie: _knxq_=ed0fc728-606a-18d3-5112c591.1670553428.0.1670553428.1670553428; Path=/; Domain=brand-display.com; Max-Age=63072000; Secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D

151.101.66.49

302 Found

0 B

URL HTTP/2
sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
IP
151.101.66.49:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~Y5KfVAAAAOG-wwAF; Path=/; Domain=.everesttech.net; Expires=Sat, 09-Dec-2023 02:37:08 GMT; Max-Age=31536000
location: https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Y5KfVAAAAOG-wwAF
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Fri, 09 Dec 2022 02:37:08 GMT
via: 1.1 varnish
x-served-by: cache-bma1644-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670553429.801796,VS0,VE91
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b3b8e087d93e0b4ffe8ffa7a57021836
d67158af9f6d348ba8545fa2f6356207f772af11
ae6fc19d694b51b480ba9c8ab193e2d508997a5faf46561b1160c5fb0bfd5ff7

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5166
Cache-Control: max-age=129729
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:08 GMT
Etag: "6391e2e7-1d7"
Expires: Sat, 10 Dec 2022 14:39:17 GMT
Last-Modified: Thu, 08 Dec 2022 13:13:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Y5KfVAAAAOG-wwAF

151.101.66.49

200 OK

85 B

URL HTTP/2
sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Y5KfVAAAAOG-wwAF
IP
151.101.66.49:0
ASN
#54113 FASTLY

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
85 B (85 bytes)
Hash
5bec6606b8392065f9da9898ca6f7b14
73ac5b01b5e3293fb792179626e7f8369cdb944d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

HTTP Headers

GET /ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Y5KfVAAAAOG-wwAF HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Fri, 09 Dec 2022 02:37:08 GMT
via: 1.1 varnish
age: 2762
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1493
x-timer: S1670553429.940251,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85
X-Firefox-Spdy: h2

rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=3

210.59.219.175

200 OK

0 B

URL HTTP/1.1
rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=3
IP
210.59.219.175:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recweb/ggid.aspx?layout=js&google_error=3 HTTP/1.1
Host: rec.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://img.scupio.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/javascript
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:08 GMT
Content-Length: 0

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
298e2d6f8c909ed8f8a6c59cd4c27c50
04021c46e4d8093afe21332b9c7c4cdf7688ae30
a153b0f75e17367c5bd92d8ca60979c8db9d3a9d4de729b7810923bdcaab5595

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 773
Cache-Control: max-age=88214
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:37:09 GMT
Etag: "639151e6-1d7"
Expires: Sat, 10 Dec 2022 03:07:23 GMT
Last-Modified: Thu, 08 Dec 2022 02:54:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=ed0fc728-606a-18d3-5112c591

213.19.162.80

204 No Content

0 B

URL HTTP/1.1
pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=ed0fc728-606a-18d3-5112c591
IP
213.19.162.80:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tap.php?v=538100&nid=5446&put=ed0fc728-606a-18d3-5112c591 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d036ef9979a230bde50c1f5780928e16
ecd54b1da8b36f1186ca6247aebbf6a4bbed9722
d6d744daf5be3e512df701479f6c5ffa320100d1597e35357a4a939d79edc7a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118858
Date: Fri, 09 Dec 2022 02:37:09 GMT
Etag: "6391b75c-1d7"
Expires: Sat, 10 Dec 2022 11:38:07 GMT
Last-Modified: Thu, 08 Dec 2022 10:07:24 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AcFG1xzh_4KPjcWRvp-7pK_1uN7uJdnIfLxfpq_vGKN7jiU15NkGnA==
Age: 5443

rbp.mxptint.net/sn.ashx

4.78.226.234

302 Found

226 B

URL HTTP/1.1
rbp.mxptint.net/sn.ashx
IP
4.78.226.234:0
ASN
#3356 LEVEL3

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
226 B (226 bytes)
Hash
10afac283033ea97daf5ee53002bd875
9b82fb1ac20d70754dcdd1d1536b791326da61b2
a13dc5725214466172e0c28fcebcf61b463ffceb7aa3579eef4678e9c08901eb

HTTP Headers

GET /sn.ashx HTTP/1.1
Host: rbp.mxptint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1B332_FA9A7EAE_949A8E30&expires=60
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Set-Cookie: mxpim=R1B332_FA9A7EAE_949A8E30.1.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000063929F55; domain=mxptint.net; expires=Mon, 09-Dec-2024 02:37:09 GMT; path=/; secure; SameSite=None
Date: Fri, 09 Dec 2022 02:37:08 GMT
Content-Length: 226
Strict-Transport-Security: max-age=-353540229; includeSubDomains

pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1B332_FA9A7EAE_949A8E30&expires=60

213.19.162.80

204 No Content

0 B

URL HTTP/1.1
pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1B332_FA9A7EAE_949A8E30&expires=60
IP
213.19.162.80:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tap.php?v=14321&nid=2313&put=R1B332_FA9A7EAE_949A8E30&expires=60 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif

sync.extend.tv/r.gif?exchange=rubicon

18.210.31.97

302 Found

130 B

URL HTTP/1.1
sync.extend.tv/r.gif?exchange=rubicon
IP
18.210.31.97:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text
Size
130 B (130 bytes)
Hash
cd949a635efdc526afb6864b9449bfca
45cefcc0ca64f10b001cab1b499ebffd9f556644
55b99b5043b83093275fea213224b50db066414e45b20ab334c5a71b717ef222

HTTP Headers

GET /r.gif?exchange=rubicon HTTP/1.1
Host: sync.extend.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Dec 2022 02:37:09 GMT
Expires: Tue, 29 May 1984 15:00:00 GMT
Location: https://pixel.rubiconproject.com/tap.php?v=114806&nid=3840&put=77aa125f-7956-4082-a871-086c9fce2a47
Pragma: no-cache
Set-Cookie: extendtv_user_id=77aa125f-7956-4082-a871-086c9fce2a47; Path=/; Domain=extend.tv; Expires=Sun, 08 Dec 2024 02:37:09 GMT
Content-Length: 130
Connection: keep-alive

rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=3

210.59.219.175

200 OK

0 B

URL HTTP/1.1
rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=3
IP
210.59.219.175:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recweb/ggid.aspx?layout=js&google_error=3 HTTP/1.1
Host: rec.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://img.scupio.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/javascript
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 02:37:08 GMT
Content-Length: 0

pixel.rubiconproject.com/tap.php?v=114806&nid=3840&put=77aa125f-7956-4082-a871-086c9fce2a47

213.19.162.80

204 No Content

0 B

URL HTTP/1.1
pixel.rubiconproject.com/tap.php?v=114806&nid=3840&put=77aa125f-7956-4082-a871-086c9fce2a47
IP
213.19.162.80:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tap.php?v=114806&nid=3840&put=77aa125f-7956-4082-a871-086c9fce2a47 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif

pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell

69.173.158.64

204 No Content

0 B

URL HTTP/1.1
pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
IP
69.173.158.64:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /exchange/sync.php?p=xapi-bridgewell HTTP/1.1
Host: pixel-apac.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
Content-Type: image/gif

fcm.holmesmind.com/cm.php

34.95.67.231

502 Bad Gateway

332 B

URL HTTP/2
fcm.holmesmind.com/cm.php
IP
34.95.67.231:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
332 B (332 bytes)
Hash
47151679e6193060d77a7d92cbe4658c
39f7d591e7b410617149e5275de9cbfef57ebe1f
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

HTTP Headers

GET /cm.php HTTP/1.1
Host: fcm.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 502 Bad Gateway
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 332
date: Fri, 09 Dec 2022 02:37:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

185.235.84.165

200 OK

39 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.165:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
ab7912be06d485d233c8f8431468e293
faaba746b23e7300ff50c8ae6537ae302022ec60
625c3d707b100aa5993b73167f25030d3eb6d625d0368984fb374c9ef6107b8d

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 138016
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

185.235.84.148

200 OK

8.4 kB

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
185.235.84.148:0
ASN
#44788 Criteo SA

File type
data
Size
8.4 kB (8371 bytes)
Hash
4536ee2c508ae0cadc801e80179aee80
ffae0373655d21fe79a605e521af1fff5f832cbc
8e1356d857a1e967e1fb0710335126f7f5a3c22e3e0b2d38f1aeadf66091d5dc

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 114960
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?origin=publishertag&topUrl=reurl.cc HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:06 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=6c32b781-2a24-45fa-ac13-4bab58e8ba23; expires=Wed, 03 Jan 2024 02:37:06 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 467631
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=834&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P

35.75.34.66

200 OK

0 B

URL HTTP/2
ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=834&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=834&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
content-encoding: gzip
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/i?ut=1670553424&p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355

35.75.34.66

200 OK

0 B

URL HTTP/2
ad.holmesmind.com/adserver/i?ut=1670553424&p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adserver/i?ut=1670553424&p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355 HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:05 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/i?ut=1670553425&p=13534:64025:138987:b51e51974a7fafe7da83634643d23ea8:14355

35.75.34.66

200 OK

0 B

URL HTTP/2
ad.holmesmind.com/adserver/i?ut=1670553425&p=13534:64025:138987:b51e51974a7fafe7da83634643d23ea8:14355
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adserver/i?ut=1670553425&p=13534:64025:138987:b51e51974a7fafe7da83634643d23ea8:14355 HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:05 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/av?p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355&type=1

35.75.34.66

200 OK

0 B

URL HTTP/2
ad.holmesmind.com/adserver/av?p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355&type=1
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adserver/av?p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355&type=1 HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:05 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=469&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P

35.75.34.66

200 OK

0 B

URL HTTP/2
ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=469&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgvjOLp&n=469&o=1&d=1&b=3&ts=1&ii=3&FPCK=5164-YoXNeE2gwGQzQDgedRhnlkXKM1g0BRpS&initver=210830P HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://reurl.cc
content-encoding: gzip
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/av?p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355&type=1

35.75.34.66

200 OK

0 B

URL HTTP/2
ad.holmesmind.com/adserver/av?p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355&type=1
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adserver/av?p=13856:64025:138987:13504c21400313e560e126bb8f27151b:14355&type=1 HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:07 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=2d2tZF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSzZxN1dzNHZ0Y2M2V2s0eVBYJTJGbzc1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=nh6mJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSWt6QkVmcExFbWd0SVdXdzNBTjl5cQ; expires=Wed, 03 Jan 2024 02:37:08 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 258749
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

185.235.84.148

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
185.235.84.148:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 179862
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

reurl.cc/gvjOLp

35.185.130.121

200 OK

0 B

URL HTTP/2
reurl.cc/gvjOLp
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	PayPal Inc.

HTTP Headers

GET /gvjOLp HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 09 Dec 2022 02:37:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
target: https://cya.nz/4Fgg
content-encoding: gzip
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

185.235.84.165

200 OK

0 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.165:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 110257
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

static.criteo.net/js/ld/publishertag.prebid.js

178.250.2.130

200 OK

0 B

URL HTTP/2
static.criteo.net/js/ld/publishertag.prebid.js
IP
178.250.2.130:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:06 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Sat, 10 Dec 2022 02:37:06 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

img.scupio.com/js/prebid.js?v=5.20.0

143.204.55.37

200 OK

0 B

URL HTTP/2
img.scupio.com/js/prebid.js?v=5.20.0
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/prebid.js?v=5.20.0 HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.12.1
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
content-encoding: gzip
date: Fri, 09 Dec 2022 02:36:07 GMT
expires: Sun, 08 Jan 2023 02:35:41 GMT
cache-control: max-age=2592000
etag: W/"62ba97a3-3b047"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i74-8HNSEYtKb-BO4jiZj2T_Aa9kJu51PjzWBCllYx8l-uFS03ga4A==
age: 83
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=nh6mJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSWt6QkVmcExFbWd0SVdXdzNBTjl5cQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=_hVKrV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSW9nRzFNc2cxMlkyTnNReENOYUR5Rg; expires=Wed, 03 Jan 2024 02:37:09 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 297426
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e

203.75.214.136

200 OK

0 B

URL HTTP/2
t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=6bb7d3cf-e931-4d7d-a9c9-0234a48f315e HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: uuid=c1298d8d-7f19-4f3c-b735-cc5c7baf0a7a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/png
cache-control: no-cache, private
date: Fri, 09 Dec 2022 02:37:05 GMT
access-control-allow-origin: https://reurl.cc
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

ad.holmesmind.com/adserver/prebid.json?cb=1670553423527&hb=1&ver=1.21

35.75.34.66

200 OK

0 B

URL HTTP/2
ad.holmesmind.com/adserver/prebid.json?cb=1670553423527&hb=1&ver=1.21
IP
35.75.34.66:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /adserver/prebid.json?cb=1670553423527&hb=1&ver=1.21 HTTP/1.1
Host: ad.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 40
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Cookie: P=667963-wz4aGs31AAUOwm1UOB7AQTvh9MrI7en4; Vision=20221209-23:59,20221209-13,20221209-13,20221209-23:59; C=null; RK=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://img.scupio.com
content-encoding: gzip
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&pbt=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
server-processing-duration-in-ticks: 905920
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=_hVKrV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSW9nRzFNc2cxMlkyTnNReENOYUR5Rg&idsd=1590629402,802081309&cw=1&lsw=1

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=_hVKrV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSW9nRzFNc2cxMlkyTnNReENOYUR5Rg&idsd=1590629402,802081309&cw=1&lsw=1
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sid/json?origin=publishertag&domain=reurl.cc&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=_hVKrV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSW9nRzFNc2cxMlkyTnNReENOYUR5Rg&idsd=1590629402,802081309&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 929898
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

185.235.84.165

200 OK

0 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.165:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 140929
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

t.ssp.hinet.net/

203.75.214.136

200 OK

0 B

URL HTTP/2
t.ssp.hinet.net/
IP
203.75.214.136:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: t.ssp.hinet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Fri, 09 Dec 2022 02:37:04 GMT
access-control-allow-origin: https://reurl.cc
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: uuid=be5fa613-6ab6-4274-a9f8-e2b344ad069b; expires=Sun, 08-Dec-2024 02:37:04 GMT; Max-Age=63072000; path=/; domain=hinet.net; secure; samesite=none
strict-transport-security: max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

img.scupio.com/js/adsbyscupio.js?v=1.0.2

143.204.55.37

200 OK

0 B

URL HTTP/2
img.scupio.com/js/adsbyscupio.js?v=1.0.2
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/adsbyscupio.js?v=1.0.2 HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 19 Apr 2021 03:30:31 GMT
content-encoding: gzip
date: Fri, 09 Dec 2022 02:37:06 GMT
expires: Fri, 09 Dec 2022 05:37:01 GMT
cache-control: max-age=10800
etag: W/"607cf957-11ab"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tdQleqdLd5f-oh5tHj7g9oHaVHnm2U5J5mCWeyZfBBr8n3nCacL1CA==
age: 5
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

img.scupio.com/html/ad.html?v=1.0.65

143.204.55.37

200 OK

0 B

URL HTTP/2
img.scupio.com/html/ad.html?v=1.0.65
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /html/ad.html?v=1.0.65 HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
content-encoding: gzip
date: Fri, 09 Dec 2022 01:54:41 GMT
expires: Sun, 08 Jan 2023 01:53:08 GMT
cache-control: max-age=2592000
etag: W/"62fdf772-14d93"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bum0ESugvsBvj9mlKQe7QuK5hkueYqbrX_o8MnbTEnrug8tSTaj63g==
age: 2635
vary: Origin
X-Firefox-Spdy: h2

static.criteo.net/js/ld/publishertag.prebid.js

178.250.2.130

200 OK

0 B

URL HTTP/2
static.criteo.net/js/ld/publishertag.prebid.js
IP
178.250.2.130:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:06 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Sat, 10 Dec 2022 02:37:06 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

cdn.holmesmind.com/js/appierV2.js

54.230.111.38

200 OK

0 B

URL HTTP/2
cdn.holmesmind.com/js/appierV2.js
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/appierV2.js HTTP/1.1
Host: cdn.holmesmind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 3177
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 02:37:03 GMT
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LtwxzS_Wmn4puGoVKJydS0DzfnyA4ADfGWDLr05vQA4szwPSM9N5ew==
age: 42
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=nh6mJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSWt6QkVmcExFbWd0SVdXdzNBTjl5cQ&idsd=1590629402,802081309

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=nh6mJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSWt6QkVmcExFbWd0SVdXdzNBTjl5cQ&idsd=1590629402,802081309
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sid/json?origin=publishertag&domain=img.scupio.com&sn=FirefoxSyncframe&so=0&topUrl=reurl.cc&info=nh6mJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czElMkZjWXF4c3BuVFIyNTRaNkNBeWZrSWt6QkVmcExFbWd0SVdXdzNBTjl5cQ&idsd=1590629402,802081309 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 02:37:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 919628
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

static.criteo.net/js/ld/publishertag.prebid.117.js

178.250.2.130

200 OK

0 B

URL HTTP/2
static.criteo.net/js/ld/publishertag.prebid.117.js
IP
178.250.2.130:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/ld/publishertag.prebid.117.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:06 GMT
content-type: text/javascript
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
etag: W/"61cc54f6-15c19"
expires: Sat, 10 Dec 2022 02:37:06 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

reurl.cc/javascripts/renews.js

35.185.130.121

200 OK

0 B

URL HTTP/2
reurl.cc/javascripts/renews.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /javascripts/renews.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/gvjOLp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 09 Dec 2022 02:37:03 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-19c"
expires: Sat, 09 Dec 2023 02:37:03 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

static.criteo.net/js/ld/publishertag.js

178.250.2.130

200 OK

0 B

URL HTTP/2
static.criteo.net/js/ld/publishertag.js
IP
178.250.2.130:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:37:06 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Sat, 10 Dec 2022 02:37:06 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (266)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations