www.refa.net Open in urlscan Pro
18.179.98.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.refa.net/
Effective URL:
https://www.refa.net/
Submission: On April 25 via api (April 25th 2025, 9:20:56 am UTC) from JP — Scanned from JP

Summary HTTP 274 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 83 IPs in 12 countries across 57 domains to perform 274 HTTP transactions. The main IP is 18.179.98.218, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is www.refa.net.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 5th 2024. Valid for: a year.

This is the only time www.refa.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
78	18.179.98.218 18.179.98.218	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:820::200a	15169 (GOOGLE) (GOOGLE)
3	142.251.42.195 142.251.42.195	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:821::2008	15169 (GOOGLE) (GOOGLE)
4	124.83.184.124 124.83.184.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
8	216.58.220.100 216.58.220.100	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:828::200e	15169 (GOOGLE) (GOOGLE)
1	2406:2600:4::2e 2406:2600:4::2e	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	23.42.117.131 23.42.117.131	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.172.30.90 18.172.30.90	16509 (AMAZON-02) (AMAZON-02)
1	142.251.222.2 142.251.222.2	15169 (GOOGLE) (GOOGLE)
1	138.113.138.164 138.113.138.164	54994 (ML-1432-5...) (ML-1432-54994)
1	2600:9000:282... 2600:9000:2828:4200:1e:513c:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	157.240.31.5 157.240.31.5	32934 (FACEBOOK) (FACEBOOK)
1	199.232.148.157 199.232.148.157	54113 (FASTLY) (FASTLY)
1	23.192.193.157 23.192.193.157	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
14	2600:9000:26e... 2600:9000:26ef:2a00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	202.232.238.39 202.232.238.39	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	18.177.234.21 18.177.234.21	16509 (AMAZON-02) (AMAZON-02)
7	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
3	202.239.3.249 202.239.3.249	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
10	157.240.31.35 157.240.31.35	32934 (FACEBOOK) (FACEBOOK)
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.42.200 142.251.42.200	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c15::9c	15169 (GOOGLE) (GOOGLE)
8	172.217.31.163 172.217.31.163	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:80f::2002	15169 (GOOGLE) (GOOGLE)
5	182.22.30.204 182.22.30.204	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
1	3.164.121.106 3.164.121.106	16509 (AMAZON-02) (AMAZON-02)
3	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 6	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:140b:1a0... 2600:140b:1a00:23::173f:e91f	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
7 12	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
1	54.250.66.208 54.250.66.208	16509 (AMAZON-02) (AMAZON-02)
1 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	207.65.34.80 207.65.34.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	103.43.90.178 103.43.90.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
1	3.113.227.140 3.113.227.140	16509 (AMAZON-02) (AMAZON-02)
3 5	35.213.7.90 35.213.7.90	19527 (GOOGLE-2) (GOOGLE-2)
2 2	35.213.17.49 35.213.17.49	19527 (GOOGLE-2) (GOOGLE-2)
1	107.178.248.96 107.178.248.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	124.146.153.165 124.146.153.165	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	13.114.11.148 13.114.11.148	16509 (AMAZON-02) (AMAZON-02)
2	141.226.231.48 141.226.231.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1	52.196.43.105 52.196.43.105	16509 (AMAZON-02) (AMAZON-02)
1	203.137.133.154 203.137.133.154	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	172.188.170.32 172.188.170.32	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	35.201.98.24 35.201.98.24	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	119.63.198.176 119.63.198.176	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	18.172.52.72 18.172.52.72	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f10:4ce... 2600:1f10:4ce4:4a02:8a21:b52c:f946:1a6c	14618 (AMAZON-AES) (AMAZON-AES)
4 4	142.251.222.38 142.251.222.38	15169 (GOOGLE) (GOOGLE)
4	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
1 2	142.250.207.6 142.250.207.6	15169 (GOOGLE) (GOOGLE)
1 4	2600:1901:0:d... 2600:1901:0:d706::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:140b:6c0... 2600:140b:6c00:48::1735:344	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	34.49.1.209 34.49.1.209	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:1ec:bdf::46 2620:1ec:bdf::46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 8	52.194.129.118 52.194.129.118	16509 (AMAZON-02) (AMAZON-02)
2	3.165.18.96 3.165.18.96	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:2... 2600:1901:0:2dbc::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	172.175.38.6 172.175.38.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.114.66.39 3.114.66.39	16509 (AMAZON-02) (AMAZON-02)
2	124.146.153.167 124.146.153.167	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 3	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.199.102 142.250.199.102	15169 (GOOGLE) (GOOGLE)
1 2	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.172.52.116 18.172.52.116	16509 (AMAZON-02) (AMAZON-02)
1	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.222.96.30 23.222.96.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.78.131.249 35.78.131.249	16509 (AMAZON-02) (AMAZON-02)
1	23.106.50.39 23.106.50.39	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
1	23.48.117.105 23.48.117.105	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:140b:1c0... 2600:140b:1c00:38::1732:76b3	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1 2	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
1	74.118.186.107 74.118.186.107	6336 (TURN-US-ASN) (TURN-US-ASN)
1 2	52.231.230.148 52.231.230.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	54.168.99.99 54.168.99.99	16509 (AMAZON-02) (AMAZON-02)
274	83

78 18.179.98.218 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

www.refa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:820::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.42.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:821::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 124.83.184.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

s.yjtag.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b92.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.220.100 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s30-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:828::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::2e (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.42.117.131 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-117-131.deploy.static.akamaitechnologies.com

js.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.172.30.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-30-90.nrt20.r.cloudfront.net

cd.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.222.2 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.113.138.164 (Canada)

ASN54994 (ML-1432-54994, CA)

d-cache.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2828:4200:1e:513c:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

taj1.ebis.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.31.5 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.148.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.193.157 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-192-193-157.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:4::b (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.39 (Nishikichō, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

cnt.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.177.234.21 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-234-21.ap-northeast-1.compute.amazonaws.com

px.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.239.3.249 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

am.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apm.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 157.240.31.35 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.42.200 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c15::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.31.163 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s22-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80f::2002 (Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 182.22.30.204 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

b97.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b99.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.164.121.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-106.nrt12.r.cloudfront.net

um.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:33:1::10 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:1a00:23::173f:e91f (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.42.162 (Queens, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.250.66.208 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-66-208.ap-northeast-1.compute.amazonaws.com

px.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.65.34.80 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.178 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.113.227.140 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-227-140.ap-northeast-1.compute.amazonaws.com

sync.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.213.7.90 (Tokyo, Japan) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 90.7.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.17.49 (Tokyo, Japan) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 49.17.213.35.bc.googleusercontent.com

y.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.248.96 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.248.178.107.bc.googleusercontent.com

penta.a.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.165 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

ssl.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.114.11.148 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-11-148.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.231.48 (Hong Kong)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.196.43.105 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-43-105.ap-northeast-1.compute.amazonaws.com

adn.caprofitx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.137.133.154 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

cs.gssprt.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.188.170.32 (United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.24 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.98.201.35.bc.googleusercontent.com

sp.gmossp-sp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

discoveryplus.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.52.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-72.nrt20.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f10:4ce4:4a02:8a21:b52c:f946:1a6c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.222.38 (Farmingdale, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.207.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f6.1e100.net

10707063.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:d706:: (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

b6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:6c00:48::1735:344 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

sync6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.49.1.209 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 209.1.49.34.bc.googleusercontent.com

b.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.194.129.118 (Tokyo, Japan) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-129-118.ap-northeast-1.compute.amazonaws.com

bypass.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.165.18.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-18-96.nrt12.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:2dbc:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

atb.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.175.38.6 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.66.39 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-66-39.ap-northeast-1.compute.amazonaws.com

adn.caprofitx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.153.167 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.27.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.199.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f6.1e100.net

12693547.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.21 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.52.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-116.nrt20.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.96.30 (Auckland, New Zealand)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-96-30.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.78.131.249 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-131-249.ap-northeast-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.50.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.117.105 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-117-105.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1c00:38::1732:76b3 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.178.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.230.148 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.232.238.37 (Nishikichō, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.168.99.99 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-99-99.ap-northeast-1.compute.amazonaws.com

ssp-sync.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	refa.net www.refa.net	4 MB
31	doubleclick.net 13 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 stats.g.doubleclick.net — Cisco Umbrella Rank: 227 td.doubleclick.net — Cisco Umbrella Rank: 261 cm.g.doubleclick.net — Cisco Umbrella Rank: 353 ad.doubleclick.net — Cisco Umbrella Rank: 190 10707063.fls.doubleclick.net 12693547.fls.doubleclick.net	29 KB
14	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1441	38 KB
13	google.com www.google.com — Cisco Umbrella Rank: 5 analytics.google.com — Cisco Umbrella Rank: 215 adservice.google.com — Cisco Umbrella Rank: 669	700 B
11	im-apps.net 1 redirects dmp.im-apps.net — Cisco Umbrella Rank: 10909 b6.im-apps.net — Cisco Umbrella Rank: 95080 sync6.im-apps.net — Cisco Umbrella Rank: 11401 b.im-apps.net — Cisco Umbrella Rank: 113535 atb.im-apps.net — Cisco Umbrella Rank: 193105	33 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	1 MB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 132	853 B
9	ad-stir.com 5 redirects sync.ad-stir.com — Cisco Umbrella Rank: 7832 bypass.ad-stir.com — Cisco Umbrella Rank: 117717	5 KB
9	yahoo.co.jp b92.yahoo.co.jp — Cisco Umbrella Rank: 60906 am.yahoo.co.jp — Cisco Umbrella Rank: 95685 b97.yahoo.co.jp — Cisco Umbrella Rank: 85932 b99.yahoo.co.jp — Cisco Umbrella Rank: 30624 apm.yahoo.co.jp — Cisco Umbrella Rank: 31307	55 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 785 k.clarity.ms — Cisco Umbrella Rank: 6404 c.clarity.ms — Cisco Umbrella Rank: 1425	33 KB
8	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 13851	511 B
7	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1486 insight.adsrvr.org — Cisco Umbrella Rank: 1156 match.adsrvr.org — Cisco Umbrella Rank: 486	10 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 574 mug.criteo.com — Cisco Umbrella Rank: 3312 sslwidget.criteo.com — Cisco Umbrella Rank: 2510 dis.criteo.com — Cisco Umbrella Rank: 945	16 KB
7	ladsp.com 1 redirects cd.ladsp.com — Cisco Umbrella Rank: 101640 px.ladsp.com — Cisco Umbrella Rank: 107663 um.ladsp.com — Cisco Umbrella Rank: 249538	11 KB
6	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 444 c.bing.com — Cisco Umbrella Rank: 278	19 KB
6	fout.jp js.fout.jp — Cisco Umbrella Rank: 209067 cnt.fout.jp — Cisco Umbrella Rank: 196233 sync.fout.jp — Cisco Umbrella Rank: 25971	8 KB
5	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 493	1 KB
5	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 362 secure.adnxs.com — Cisco Umbrella Rank: 680	6 KB
4	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 546	6 KB
4	openx.net 1 redirects jp-u.openx.net — Cisco Umbrella Rank: 15888 u.openx.net — Cisco Umbrella Rank: 944	850 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 237	90 KB
3	casalemedia.com 1 redirects dsum.casalemedia.com — Cisco Umbrella Rank: 1903 r.casalemedia.com — Cisco Umbrella Rank: 2693	2 KB
3	socdm.com ssl.socdm.com — Cisco Umbrella Rank: 297173 tg.socdm.com — Cisco Umbrella Rank: 2805	3 KB
3	impact-ad.jp 2 redirects y.one.impact-ad.jp — Cisco Umbrella Rank: 8800 penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 148210	1 KB
3	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1233	524 B
3	gstatic.com fonts.gstatic.com	5 MB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 640	982 B
2	adtdp.com ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 13022	1 KB
2	gmossp-sp.jp 1 redirects sp.gmossp-sp.jp — Cisco Umbrella Rank: 104061	1 KB
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 1375	720 B
2	caprofitx.com 1 redirects adn.caprofitx.com — Cisco Umbrella Rank: 109325	1 KB
2	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1376 sync-t1.taboola.com — Cisco Umbrella Rank: 2832	750 B
2	microad.jp d-cache.microad.jp — Cisco Umbrella Rank: 380070 s-cs.send.microad.jp — Cisco Umbrella Rank: 27055	1 KB
2	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 9229	14 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 80	22 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 76	1 KB
1	i-mobile.co.jp 1 redirects ssp-sync.i-mobile.co.jp — Cisco Umbrella Rank: 108723	484 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 661	99 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 3879	259 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3934	278 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 879	587 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 741	495 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 907	650 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 636	438 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1447	175 B
1	popin.cc discoveryplus.popin.cc — Cisco Umbrella Rank: 234057	469 B
1	gssprt.jp cs.gssprt.jp — Cisco Umbrella Rank: 16879	82 B
1	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 5528	409 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1235	666 B
1	t.co t.co — Cisco Umbrella Rank: 1179	646 B
1	line.me tr.line.me — Cisco Umbrella Rank: 17001	425 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 18703	10 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1313	16 KB
1	ebis.ne.jp taj1.ebis.ne.jp — Cisco Umbrella Rank: 202659	392 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 95	22 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 1067	23 KB
1	yjtag.jp s.yjtag.jp — Cisco Umbrella Rank: 144529	343 B
274	57

	Domain	Requested by
78	www.refa.net	www.refa.net
14	tags.tiqcdn.com	www.refa.net tags.tiqcdn.com
11	www.googletagmanager.com	www.refa.net www.googletagmanager.com tags.tiqcdn.com dmp.im-apps.net
10	www.facebook.com	connect.facebook.net www.refa.net
8	bypass.ad-stir.com	5 redirects www.googletagmanager.com
8	td.doubleclick.net	www.googletagmanager.com
8	www.google.co.jp	www.refa.net
8	www.google.com	www.googletagmanager.com www.refa.net
7	cm.g.doubleclick.net	7 redirects
7	googleads.g.doubleclick.net	www.googleadservices.com www.googletagmanager.com
5	x.bidswitch.net	3 redirects www.refa.net
4	match.adsrvr.org	js.adsrvr.org
4	k.clarity.ms	www.clarity.ms
4	b6.im-apps.net	1 redirects dmp.im-apps.net www.refa.net
4	adservice.google.com	www.refa.net 10707063.fls.doubleclick.net 12693547.fls.doubleclick.net
4	ad.doubleclick.net	4 redirects
4	pixel.rubiconproject.com	1 redirects um.ladsp.com js.fout.jp
4	ib.adnxs.com	2 redirects um.ladsp.com
4	bat.bing.com	tags.tiqcdn.com bat.bing.com www.refa.net
4	connect.facebook.net	www.refa.net connect.facebook.net
3	sync.fout.jp	js.fout.jp
3	simage2.pubmatic.com	um.ladsp.com js.fout.jp
3	jp-u.openx.net	1 redirects um.ladsp.com js.fout.jp
3	b99.yahoo.co.jp	s.yimg.jp www.refa.net
3	px.ladsp.com	1 redirects www.refa.net um.ladsp.com
3	gum.criteo.com	2 redirects static.criteo.net
3	cd.ladsp.com	www.googletagmanager.com www.refa.net px.ladsp.com
3	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms	1 redirects
2	eb2.3lift.com	1 redirects
2	c.bing.com	1 redirects
2	dis.criteo.com
2	12693547.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	dsum.casalemedia.com	1 redirects www.refa.net
2	tg.socdm.com	www.refa.net
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	b.im-apps.net	www.refa.net dmp.im-apps.net
2	sync6.im-apps.net	dmp.im-apps.net www.refa.net
2	10707063.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	apm.yahoo.co.jp	s.yimg.jp
2	ad.as.amanad.adtdp.com	um.ladsp.com
2	sp.gmossp-sp.jp	1 redirects um.ladsp.com
2	sync.outbrain.com	um.ladsp.com
2	adn.caprofitx.com	1 redirects um.ladsp.com
2	y.one.impact-ad.jp	2 redirects
2	dmp.im-apps.net	tags.tiqcdn.com www.refa.net
2	b97.yahoo.co.jp	s.yimg.jp www.refa.net
2	js.fout.jp	www.refa.net js.fout.jp
2	s.yimg.jp	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	www.refa.net
1	ssp-sync.i-mobile.co.jp	1 redirects
1	secure.adnxs.com	js.fout.jp
1	insight.adsrvr.org	1 redirects
1	sync.1rx.io
1	ade.clmbtech.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	aa.agkn.com
1	contextual.media.net
1	idsync.rlcdn.com
1	r.casalemedia.com
1	u.openx.net	www.refa.net
1	atb.im-apps.net	www.refa.net
1	partners.tremorhub.com	um.ladsp.com
1	discoveryplus.popin.cc	um.ladsp.com
1	cs.gssprt.jp	um.ladsp.com
1	sync.taboola.com	um.ladsp.com
1	cs.adingo.jp	um.ladsp.com
1	ssl.socdm.com	um.ladsp.com
1	penta.a.one.impact-ad.jp	um.ladsp.com
1	sync.ad-stir.com	um.ladsp.com
1	s-cs.send.microad.jp	um.ladsp.com
1	sslwidget.criteo.com	static.criteo.net
1	um.ladsp.com	px.ladsp.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com	www.refa.net
1	t.co	www.refa.net
1	am.yahoo.co.jp	b92.yahoo.co.jp
1	tr.line.me	www.refa.net
1	mug.criteo.com	www.refa.net
1	cnt.fout.jp	www.refa.net
1	d.line-scdn.net	www.refa.net
1	static.ads-twitter.com	www.refa.net
1	taj1.ebis.ne.jp	www.refa.net
1	b92.yahoo.co.jp	www.googletagmanager.com
1	d-cache.microad.jp	www.refa.net
1	www.googleadservices.com	www.googletagmanager.com
1	static.criteo.net	www.googletagmanager.com
1	s.yjtag.jp	www.refa.net
274	93

This site contains links to these domains. Also see Links.

Domain
www.mtgec.jp
instagram.com
www.facebook.com
www.mtg.gr.jp

Subject Issuer	Validity	Valid
refa.net Amazon RSA 2048 M03	`2024-06-05` - `2025-07-04`	a year	crt.sh
upload.video.google.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.gstatic.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.google-analytics.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2025-04-15` - `2026-05-14`	a year	crt.sh
*.google.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-11` - `2025-07-04`	3 months	crt.sh
*.fout.jp GeoTrust RSA CA 2018	`2024-07-27` - `2025-07-30`	a year	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2024-05-21` - `2025-06-22`	a year	crt.sh
*.googleadservices.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
jpssl.cdngc.net GlobalSign RSA OV SSL CA 2018	`2024-09-06` - `2025-09-08`	a year	crt.sh
*.ebis.ne.jp Amazon RSA 2048 M03	`2025-01-22` - `2026-02-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-02-01` - `2025-05-02`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-24` - `2025-09-23`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2025-02-17` - `2026-03-18`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2024-08-08` - `2025-09-09`	a year	crt.sh
gw01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2025-03-28` - `2026-04-27`	a year	crt.sh
t.co E6	`2025-03-24` - `2025-06-22`	3 months	crt.sh
twitter.com E6	`2025-03-06` - `2025-06-04`	3 months	crt.sh
*.google.co.jp WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.doubleclick.net WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
mscedge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2024-10-28` - `2025-11-27`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 07	`2025-03-14` - `2025-09-10`	6 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2025-01-10` - `2026-01-10`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2024-10-10` - `2025-11-11`	a year	crt.sh
*.ad-stir.com Sectigo ECC Domain Validation Secure Server CA	`2024-10-21` - `2025-11-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
ssl.socdm.com Go Daddy Secure Certificate Authority - G2	`2024-12-16` - `2026-01-17`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M03	`2024-08-14` - `2025-09-13`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-12-01` - `2025-12-31`	a year	crt.sh
*.caprofitx.com Amazon RSA 2048 M03	`2024-07-10` - `2025-08-07`	a year	crt.sh
cs.gssprt.jp GeoTrust TLS RSA CA G1	`2024-12-30` - `2026-01-30`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2024-11-13` - `2025-12-02`	a year	crt.sh
sp.gmossp-sp.jp WR3	`2025-04-14` - `2025-07-13`	3 months	crt.sh
*.popin.cc Secure Site Pro CA G2	`2024-09-23` - `2025-10-24`	a year	crt.sh
*.as.amanad.adtdp.com Amazon RSA 2048 M03	`2024-12-05` - `2026-01-03`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M02	`2024-12-24` - `2026-01-23`	a year	crt.sh
b6.im-apps.net WR3	`2025-04-05` - `2025-07-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
atb.im-apps.net WR3	`2025-03-25` - `2025-06-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
b.im-apps.net WR3	`2025-03-13` - `2025-06-11`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2024-05-17` - `2025-06-18`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-06` - `2025-07-01`	3 months	crt.sh
casalemedia.com E6	`2025-04-08` - `2025-07-07`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-06` - `2026-03-05`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2024-10-23` - `2025-10-22`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	a year	crt.sh
teads.tv R10	`2025-02-18` - `2025-05-19`	3 months	crt.sh
colombiaonline.com R10	`2025-04-10` - `2025-07-09`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2024-06-13` - `2025-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2025-02-21` - `2026-03-23`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.refa.net/
Frame ID: 1225B1FB37E3AE230A2C24F99489F5A1
Requests: 206 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fwww.refa.net
Frame ID: F792FE056BA2F7AAA403E5C9FCD4FE51
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.refa.net&origin=onetag
Frame ID: 4696DF91C19F8C6A685DB7EBBF955244
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/774022946?random=1745572846799&cv=11&fst=1745572846799&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 1CFE6A1AC793941EC40C5717618FB865
Requests: 1 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Frame ID: 3D0D4D28A6C2F163AAFAA8D1A67A58B3
Requests: 19 HTTP requests in this frame

Frame: https://cd.ladsp.com/html/getTopics2.html?stu=mTxrsbcXjcbp0Lne4Pwl2g
Frame ID: C92A3DE361D22C917007B0F2AA206221
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/774025335?random=1745572846850&cv=11&fst=1745572846850&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: F2B08E638C1FFF5A84493A7DB5EDBDA4
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/774046165?random=1745572846885&cv=11&fst=1745572846885&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 0D508FE5D02AB69AE6F5B02411F703D5
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/774046165?random=1745572846938&cv=11&fst=1745572846938&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: CA8E5BB21EC8B0C189D9EB75D7B2C49C
Requests: 1 HTTP requests in this frame

Frame: https://10707063.fls.doubleclick.net/activityi;dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F
Frame ID: 391D80939061D951F8F0BC1EECE2FA2A
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F
Frame ID: A6ACFEFC08085FF62254E3A4CF02331F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10974633921?random=1745572847150&cv=11&fst=1745572847150&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: ADBA9E45C9DB2487BF08E15111AB7243
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10974633921?random=1745572847204&cv=11&fst=1745572847204&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: B280350F8547D236E27F0DBF086F3201
Requests: 1 HTTP requests in this frame

Frame: https://12693547.fls.doubleclick.net/activityi;dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F
Frame ID: 99031C65F0A49F5DE5F8FA42C0289D73
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F
Frame ID: CD847A45C4E535848D343D61AD47125C
Requests: 1 HTTP requests in this frame

Frame: https://js.fout.jp/beacon.html?from=dmp
Frame ID: 5D48395849B4B8B9C8EA60C491382E3B
Requests: 8 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Jppt2yjqRW9ciezBer7_pVf-bSkCkUzRXodiRg&expires=30
Frame ID: 95A8236B778AE1F5F128E7883B242C97
Requests: 20 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
Frame ID: 4427D69E63219F4AF4F00218A1831844
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 9C6A29B39464D80B9175CB991131EF17
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3936ce3b-14a6-4d37-b242-8306730474ef&google_gid=CAESEHedRWp3YAkfv8W8klFK71s&google_cver=1
Frame ID: 3D6E6089A745234584523C01DD30BDB3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: C4B55E9C399516DBA60F047679580068
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ReFa （リファ）公式ブランドサイト | 株式会社MTG：美容機器・洗顔美容・美容ドリンク・炭酸美容・スキンケア・コラーゲン・ヘッドスパ・ドライヤー

Page URL History Show full URLs

http://www.refa.net/ HTTP 307
https://www.refa.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

274
Requests

93 %
HTTPS

21 %
IPv6

57
Domains

93
Subdomains

83
IPs

12
Countries

10600 kB
Transfer

14169 kB
Size

107
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mtgec.jp/shop/c/c1010/
Title: ONLINE SHOP ONLINE SHOP

Search URL Search Domain Scan URL

URL: http://www.mtgec.jp/shop/c/c1010/
Title: ONLINESHOP

Search URL Search Domain Scan URL

URL: http://www.mtgec.jp/shop/c/c1010/?ref=refaspfooter

Search URL Search Domain Scan URL

URL: http://www.mtgec.jp/shop/c/c1010/?ref=refapcfooter

Search URL Search Domain Scan URL

URL: https://instagram.com/refa_mtg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mtg.refa.net/

Search URL Search Domain Scan URL

URL: http://www.mtg.gr.jp/privacypolicy.html
Title: 個人情報保護方針

Search URL Search Domain Scan URL

URL: https://www.mtg.gr.jp/feedback/
Title: お問い合わせ

Search URL Search Domain Scan URL

URL: http://www.mtg.gr.jp/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.refa.net/ HTTP 307
https://www.refa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://gum.criteo.com/sid/json?origin=onetag&domain=refa.net&sn=ChromeSyncframe&so=undefined&topUrl=www.refa.net&topicsavail=1&fledgeavail=1 HTTP 302
https://mug.criteo.com/sid?cpp=zvTM3XxoUUV5NkkzdXhObjFSY3N4VEZ5R0RsMUdLRVFmYTFhNEt6elhuTHh2THJQbXZmWnErSGJsWERBZVZDck9KNW9NYlZUTTZlTksyL3VxOWluUzd0USs4QWJRbHkzcXQ1dG9CS3BqdFRQY1VzYXE5NEpSZ2RCcWhaeGdRc2oyZE1zZ2FWc0trNHR2bmhZTDVsdnRHWDZ1bjR0TXpQVTVmZUxCUmM4TzN2eUxFK012NTkrK0VCSENtRFkyT3N3STFhUnY1VjZSYU80WVA2bTFUN3JMSVQwSGN1Ynp5bDFRd200dmd3MEx5MUxWNmtLdTA5WVJWblVxQVVZM2hjVzlOQ2R4RHY2bXR6NVl3K2hIRmltMTdJbXAvd0JZNUZxTm80RjU2bGhURlJjcVBEND18&cppv=2

Request Chain 108

https://px.ladsp.com/pixel?advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119 HTTP 302
https://px.ladsp.com/pixel?cr=true&advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=Ab7ZOQs0F0VBks8AKJCcS1ZW18A&logicad_uid=Ab7ZOQs0F0VBks8AKJCcS1ZW18A&svid=03 HTTP 302
https://px.ladsp.com/match/google?logicad_uid=Ab7ZOQs0F0VBks8AKJCcS1ZW18A&svid=03&google_gid=CAESEI6sJBjDLz9dqnPg8D7dU1s&google_cver=1

Request Chain 159

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw HTTP 302
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw

Request Chain 161

https://ib.adnxs.com/setuid?entity=276&code=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw

Request Chain 164

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw HTTP 302
https://y.one.impact-ad.jp/cs?d=105&uid=59a64a89-ce73-4936-a30a-d8de712ecf9e&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid= HTTP 302
https://y.one.impact-ad.jp/ul_cb/cs?d=105&uid=59a64a89-ce73-4936-a30a-d8de712ecf9e&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid= HTTP 302
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

Request Chain 179

https://ad.doubleclick.net/activity;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CNiF7cvt8owDFQ7yFgUdNOgFYg;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CNiF7cvt8owDFQ7yFgUdNOgFYg;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;~oref=https%3A%2F%2Fwww.refa.net%2F

Request Chain 180

https://10707063.fls.doubleclick.net/activityi;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
https://10707063.fls.doubleclick.net/activityi;dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F

Request Chain 197

https://b6.im-apps.net/pv/2fURsk?cid=1012284&url=https%3A%2F%2Fwww.refa.net%2F&ref=&title=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&lang=ja-jp HTTP 302
https://b.im-apps.net/pv/2fURsk?cid=1012284&ehid=VkJyglsOAZfKah1Y&lang=ja-jp&ref&title=ReFa+%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88+%7C+%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&url=https%3A%2F%2Fwww.refa.net%2F

Request Chain 227

https://bypass.ad-stir.com/push_sync HTTP 302
https://sp.gmossp-sp.jp/ads/sync.ad?dsp=bypass&uid=8989abb1-66f5-478b-8f90-559901c56fde HTTP 302
https://bypass.ad-stir.com/receive_sync?ssp=gmo&uid=R4L1ISXwNx2Cutvk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=united_bypass&google_hm=iYmrsWb1R4uPkFWZAcVv3g&google_redir=https%3A%2F%2Fbypass.ad-stir.com%2Freceive_sync%3Fssp%3Dgoogle_hosted_match%26google_gid%3Dhosted_match HTTP 302
https://bypass.ad-stir.com/receive_sync?ssp=google_hosted_match&google_gid=hosted_match HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=united_bypass&uid=8989abb1-66f5-478b-8f90-559901c56fde&google_ula=439954433&google_cm HTTP 302
https://bypass.ad-stir.com/receive_sync?ssp=google&uid=8989abb1-66f5-478b-8f90-559901c56fde&google_gid=CAESELC7KzMZS8vYoe0U2XzLnVU&google_cver=1&google_ula=439954433,0 HTTP 302
https://adn.caprofitx.com/v1/cookiesync?bypass_uid=8989abb1-66f5-478b-8f90-559901c56fde HTTP 302
https://bypass.ad-stir.com/receive_sync?ssp=profitx&uid=01a145b2-6829-4348-970e-e0b7ef26906e HTTP 302
https://x.bidswitch.net/sync?dsp_id=204&user_id=8989abb1-66f5-478b-8f90-559901c56fde&expires=90

Request Chain 230

https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=8989abb1-66f5-478b-8f90-559901c56fde HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=8989abb1-66f5-478b-8f90-559901c56fde&C=1

Request Chain 231

https://ad.doubleclick.net/activity;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CND6jMzt8owDFTvGFgUdz7cfCg;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CND6jMzt8owDFTvGFgUdz7cfCg;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;~oref=https%3A%2F%2Fwww.refa.net%2F

Request Chain 232

https://12693547.fls.doubleclick.net/activityi;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
https://12693547.fls.doubleclick.net/activityi;dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-gKpqjijqRW9ciezBer7_pVf-bSlxnavaWENJGA&google_cm&google_hm=ay1nS3BxamlqcVJXOWNpZXpCZXI3X3BWZi1iU2x4bmF2YVdFTkpHQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gKpqjijqRW9ciezBer7_pVf-bSlxnavaWENJGA&google_gid=CAESEMM4xQWrRcB_PPX4jrVJEhI&google_cver=1&google_ula=913071,0

Request Chain 238

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1847495480127324161

Request Chain 245

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=o2whhl9hQnRkWXZKa1N3VFJqQXpoa2psZnFtZ01LeXEwUW01Y0xZaG42dDhRY1EwJTNE

Request Chain 253

https://eb2.3lift.com/xuid?mid=2711&xuid=k-wEkIiCjqRW9ciezBer7_pVf-bSkA-IDSSQZ_sw&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-wEkIiCjqRW9ciezBer7_pVf-bSkA-IDSSQZ_sw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 255

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=63FAFEEAC20C4020B4A0372851777388&RedC=c.clarity.ms&MXFR=1C845E3899CE6B9C39874BE19DCE6550 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=63FAFEEAC20C4020B4A0372851777388&MUID=00B55D2EDA6F69290DC248F7DB3768CE

Request Chain 256

https://insight.adsrvr.org/track/up?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1 HTTP 302
https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_cm&google_sc&from_google=pc2 HTTP 302
https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=pc2&google_gid=CAESEJ1xCHqML5zNZm-D4tRoU6Q&google_cver=1

Request Chain 259

https://cm.g.doubleclick.net/pixel?google_nid=freakout&from_google=pc3&google_hm=QzdFSFZEcnl4dkFWSzJldUY2N0pzMjYtTWRn HTTP 302
https://sync.fout.jp/report?xid=googleadex&from_google=pc3

Request Chain 262

https://ssp-sync.i-mobile.co.jp/sync.ashx?dspid=5 HTTP 302
https://sync.fout.jp/sync?xid=imobile&uid=ece6136a-06ea-41ce-8a99-d87e50b0a1d2&sync_status=1

Request Chain 265

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3936ce3b-14a6-4d37-b242-8306730474ef&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 266

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzkzNmNlM2ItMTRhNi00ZDM3LWIyNDItODMwNjczMDQ3NGVm&gdpr=0&gdpr_consent=&ttd_tdid=3936ce3b-14a6-4d37-b242-8306730474ef HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3936ce3b-14a6-4d37-b242-8306730474ef&google_gid=CAESEHedRWp3YAkfv8W8klFK71s&google_cver=1

Request Chain 267

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=3936ce3b-14a6-4d37-b242-8306730474ef&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

274 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.refa.net/
Redirect Chain

http://www.refa.net/
https://www.refa.net/

42 KB
8 KB

202ms
7ms

Document
text/html

18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

fea2eb260146bdad234decd71e009965911fe9bf6f1f09afeb0f39a80b68866b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 8387
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-type: text/html; charset=UTF-8
date: Fri, 25 Apr 2025 09:20:45 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.refa.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 common.css
www.refa.net/css/ 80 KB
11 KB 18ms
8ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/common.css?v=190920

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1a2ad774c88495859f82aeeda6be27ff5d949f89e8607a0c23f452d1454d791f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "13ebc-61c543fab15aa-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 10911
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 03 Jul 2024 09:13:51 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 style_pc.css
www.refa.net/css/ 94 KB
12 KB 19ms
10ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/style_pc.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0fe79403b0da509e1489e4ee29a83825f876a00dfbd4a2a84374160008509566

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "177e7-5fc07dc724440-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 11652
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Fri, 19 May 2023 08:39:37 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 slick.css
www.refa.net/css/ 2 KB
874 B 14ms
5ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/slick.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

daf575d309cd103f22b4870a8bf90e7ec0cf5f03ea8f55658da64442ca64fd87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "6ae-56ad2c1ffda80-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 539
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Fri, 27 Apr 2018 11:25:14 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 index_pc.css
www.refa.net/css/ 15 KB
4 KB 16ms
8ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/index_pc.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

23648a805757fe951690f36a2703fc44bed7446f27ab14002b755414eee79eb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "3acd-61b14a0c7abc0-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3307
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Mon, 17 Jun 2024 11:54:31 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 movie.css
www.refa.net/special/movie/css/ 10 KB
3 KB 16ms
9ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/special/movie/css/movie.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4cde44f4a6001baefb125113c0dc2c1ab127d26cd44b78d9b8cdd1d5955e3c6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "28af-626ea72db3989-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2584
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Fri, 15 Nov 2024 02:37:31 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 slider-pro.css
www.refa.net/css/ 17 KB
3 KB 16ms
9ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/slider-pro.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

44e8cb44cdd9eb6a4d4e3818aa820f39413552076ed701340672bbc9d2cd1c0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "43f9-59dd41edd4b00-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2910
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 05 Feb 2020 13:27:40 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 modernizr-2.6.2.min.js Show response
www.refa.net/common/js/ 15 KB
6 KB 22ms
15ms Script
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/common/js/modernizr-2.6.2.min.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4d9bc12d794ed221ae1cbebbbeba7b267305c6dc94704412e6cfea0e156a5237

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "3c3a-56b2f98fe7080-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 6252
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Wed, 02 May 2018 02:10:58 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 scrollsmoothly.js Show response
www.refa.net/js/ 5 KB
2 KB 23ms
18ms Script
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/js/scrollsmoothly.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

bf9122f9db31ccdb893d0d475b22f5ae3686373ed845ec3aeb498231516f58e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "13a0-52a1b825a68c0-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1840
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Sun, 24 Jan 2016 21:55:23 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery-1.11.3.min.js Show response
www.refa.net/js/ 94 KB
33 KB 25ms
19ms Script
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/js/jquery-1.11.3.min.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "176d5-52a1b824b2680-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 33279
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Sun, 24 Jan 2016 21:55:22 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 common.js Show response
www.refa.net/common/js/ 23 KB
6 KB 16ms
12ms Script
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/common/js/common.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

57139058a78a65e8099ea3d55f1b7fea110264e6841dfe13292dc18d0b905cdf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "5daa-5c58448208900-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5735
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Thu, 24 Jun 2021 15:00:20 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 slick.min.js Show response
www.refa.net/js/ 42 KB
11 KB 21ms
17ms Script
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/js/slick.min.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "a770-56ad2c1ffda80-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 10445
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Fri, 27 Apr 2018 11:25:14 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery.sliderPro.min.js Show response
www.refa.net/js/ 95 KB
19 KB 26ms
22ms Script
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/js/jquery.sliderPro.min.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f2a6463de97e090de322b1f61620101c0fe90806e87052af3ddc1151dfa7d212

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "17b7f-59dd4206a0580-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 18840
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Wed, 05 Feb 2020 13:28:06 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 movie.js Show response
www.refa.net/js/ 2 KB
996 B 16ms
13ms Script
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/js/movie.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

16fd28d7d50667ff6bbbe9fdca15d32116ec0c51e4e2fe9fbfddd5b50e0168a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "61e-61152843f5f00-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 650
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Wed, 14 Feb 2024 07:32:44 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 index.js Show response
www.refa.net/js/ 2 KB
1 KB 17ms
14ms Script
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/js/index.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4c3b799ae3bb8f31107585d13a9445920d4d27d8f4fe080ad1a5c750e28f0122

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "88e-59dd4206a0580-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 832
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Wed, 05 Feb 2020 13:28:06 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 logo.svg
www.refa.net/images/common/ 4 KB
2 KB 17ms
15ms Image
image/svg+xml 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/logo.svg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

80517b8960156057b554b4d7e31939a44657ebef90c5ae7575810e85617d525c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "10df-59df91964b080-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2104
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Fri, 07 Feb 2020 09:34:42 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 header-nav-haircare.jpg
www.refa.net/images/common/ 4 KB
5 KB 18ms
16ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/header-nav-haircare.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

381b85b13b7e5349854d173bd4f107dcbcef218e36df352c417b8745be97500e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "110b-61bc6fea58980"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 4363
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Wed, 26 Jun 2024 08:42:30 GMT
server: Apache

GET
H2 200 header-nav-shower.jpg
www.refa.net/images/common/ 6 KB
6 KB 5ms
5ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/header-nav-shower.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

17be2466d262d98456527705c60616767ad6171734bf7a26933ce708afcf886f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "1657-61b11b5c14480"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5719
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 17 Jun 2024 08:25:38 GMT
server: Apache

GET
H2 200 header-nav-epilator.jpg
www.refa.net/images/common/ 8 KB
8 KB 5ms
4ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/header-nav-epilator.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e845d2306c78cf59b1821f3fc0316bc2081dad94029a4d98a487d2977e1e8a00

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "1f41-61b11b5c14480"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 8001
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 17 Jun 2024 08:25:38 GMT
server: Apache

GET
H2 200 header-nav-beauty.jpg
www.refa.net/images/common/ 7 KB
8 KB 4ms
4ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/header-nav-beauty.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c7a98e7678733e7dd4eaa008a9b4c818c91e7a60f0f5cd1c8393eb558f329b46

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "1da3-61b11b5c14480"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 7587
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 17 Jun 2024 08:25:38 GMT
server: Apache

GET
H2 200 header-nav-brush.jpg
www.refa.net/images/common/ 9 KB
9 KB 7ms
5ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/header-nav-brush.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

80e13b96531319ca8b59d9debf3b7831000f277eeee39f51052986965d90d7d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "23b0-61b11b5c14480"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 9136
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 17 Jun 2024 08:25:38 GMT
server: Apache

GET
H2 200 header-nav-cosme.jpg
www.refa.net/images/common/ 5 KB
5 KB 6ms
5ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/header-nav-cosme.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

8559dc3c81a4baadc15eefeea7401d0169b34d66b33b72ad074f40d651b1c759

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "12a2-61b11b5c14480"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 4770
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 17 Jun 2024 08:25:38 GMT
server: Apache

GET
H2 200 bnr-ambassador.jpg
www.refa.net/images/index/ 413 KB
413 KB 7ms
5ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index/bnr-ambassador.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b898272be45dff5dd67049c0178cac022a9d831a0c8f64b84fa9b26bcf5afd1a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "672d5-6165967583b80"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 422613
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Thu, 18 Apr 2024 06:51:42 GMT
server: Apache

GET
H2 200 bnr-myrefa.png
www.refa.net/images/index/ 162 KB
163 KB 22ms
11ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index/bnr-myrefa.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1258bb21295d9c45518ff56df6fe0f297de6ba01307ac57b7d4062a89c826df5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "289c8-61b38454c22c0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 166344
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 19 Jun 2024 06:25:55 GMT
server: Apache

GET
H2 200 img_kv_vn01_pc.jpg
www.refa.net/images/index02/ 158 KB
159 KB 18ms
7ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv_vn01_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

3481c87254b9418fe5d1c0a6c33108a23109e41f0867c6118711e5cfa4345144

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "27933-62e8ba95c6340"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 162099
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Thu, 20 Feb 2025 04:53:57 GMT
server: Apache

GET
H2 200 img_kv_vn02_pc.jpg
www.refa.net/images/index02/ 122 KB
122 KB 18ms
7ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv_vn02_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

18ac154fb54f049212fa32a410b2cc3ea2c54b468833815759646aadb531133e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "1e64b-62e8baa043c00"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 124491
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Thu, 20 Feb 2025 04:54:08 GMT
server: Apache

GET
H2 200 img_kv10_pc.jpg
www.refa.net/images/index02/ 329 KB
330 KB 25ms
15ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv10_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e54dfffb54fe2288c3c8aabf1533f94cf08b08293341375deb1b8321516f34b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "52504-6286dc088c8c0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 337156
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Wed, 04 Dec 2024 08:41:47 GMT
server: Apache

GET
H2 200 img_kv11_pc.jpg
www.refa.net/images/index02/ 279 KB
279 KB 44ms
34ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv11_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ef51d8df2feec3accfe9a5275a64def5d77465add4be0b9741c7ff0f6edca1df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "45b2f-6286db933f400"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 285487
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Wed, 04 Dec 2024 08:39:44 GMT
server: Apache

GET
H2 200 img_kv12_pc.jpg
www.refa.net/images/index02/ 240 KB
241 KB 26ms
15ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv12_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4fefb176157c6a3a8d8183ad9596a617f5d67c7d6f2b2840dbe0f6b533f4d43e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "3bfcf-6286db71de540"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 245711
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Wed, 04 Dec 2024 08:39:09 GMT
server: Apache

GET
H2 200 img_kv13_pc.jpg
www.refa.net/images/index02/ 296 KB
297 KB 25ms
15ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv13_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

436ab6fd82a4947f0f0fe61f080cf60dd51c66bc2c201befaccaaaec19fdd2a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "4a0a4-6286dbb594500"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 303268
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Wed, 04 Dec 2024 08:40:20 GMT
server: Apache

GET
H2 200 img_kv14_pc.jpg
www.refa.net/images/index02/ 231 KB
232 KB 25ms
16ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv14_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

257f0e7d169fff1f3b74c7854791f36fd809cb06a5f499bbb5194619c0ab611a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "39dd5-6286db544df80"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 237013
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Wed, 04 Dec 2024 08:38:38 GMT
server: Apache

GET
H2 200 img_kv15_pc.jpg
www.refa.net/images/index02/ 308 KB
309 KB 25ms
16ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv15_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1506dbfcc6176e64a8d70331eac38af23119fe821581b490cbacb3b50042c133

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "4d10f-6286dba746340"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 315663
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Wed, 04 Dec 2024 08:40:05 GMT
server: Apache

GET
H2 200 img_kv16_pc.jpg
www.refa.net/images/index02/ 347 KB
348 KB 25ms
16ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_kv16_pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

9a2be8e33b2d1ff981f8e2410479d1ab2f5aa23370a3ba91283ca273c3db63ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "56bc3-6286dbe72ba00"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 355267
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Wed, 04 Dec 2024 08:41:12 GMT
server: Apache

GET
H2 200 img_topics241115.png
www.refa.net/images/index02/ 19 KB
19 KB 25ms
16ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_topics241115.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e05338752c34f37afa6b777747eaa7f318fab14a51a8b6876543550db6512745

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "4c95-626db4f46d780"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 19605
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 14 Nov 2024 08:33:50 GMT
server: Apache

GET
H2 200 img_topics25042402.png
www.refa.net/images/index02/ 19 KB
20 KB 44ms
34ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_topics25042402.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4f9ae5d90f601466f0b2f62dbd41c201fe39b9586adb23f01387dd0a80c4069b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "4dc9-6335788e2cc00"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 19913
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Tue, 22 Apr 2025 05:48:32 GMT
server: Apache

GET
H2 200 img_topics25042401.png
www.refa.net/images/index02/ 26 KB
26 KB 42ms
33ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_topics25042401.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

50a15fd8948b9cbbc75c65539420377625d99c59e77ecbfa6ead40d20a50f561

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "6722-6335784e47540"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 26402
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Tue, 22 Apr 2025 05:47:25 GMT
server: Apache

GET
H2 200 img_topics250416.png
www.refa.net/images/index02/ 25 KB
25 KB 25ms
17ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_topics250416.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

12c6bd9c71c5c5973eee8b4847f96ba481838ebad0b6dba860c05386d535e841

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "6398-632403123f600"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 25496
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Tue, 08 Apr 2025 08:32:24 GMT
server: Apache

GET
H2 200 img_topics-mybathroom.png
www.refa.net/images/index02/ 28 KB
29 KB 42ms
33ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_topics-mybathroom.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

13a3725a7a9cbb6cd31e31aaf38ded77543b8d3f80ecf0649fec2439def693e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "719e-6310f0119c340"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 29086
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Mon, 24 Mar 2025 04:26:13 GMT
server: Apache

GET
H2 200 img_topics250127.png
www.refa.net/images/index02/ 12 KB
13 KB 41ms
31ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_topics250127.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a91a0b9abba1fd929121fee0db6a068a3b733df621f6a337f5a7cfaadeb39cb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "3149-62ca64203c300"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 12617
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Mon, 27 Jan 2025 01:47:24 GMT
server: Apache

GET
H2 200 img_topics_experience.jpg
www.refa.net/images/index02/ 8 KB
8 KB 29ms
19ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_topics_experience.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

59eb9a72a36b3ecad4a44d11d0b90d16397f07290d748d99025efd26cfe43599

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "2022-6254617699dc0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 8226
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Fri, 25 Oct 2024 05:07:11 GMT
server: Apache

GET
H2 200 img_mtitle_movie.png
www.refa.net/images/index02/ 2 KB
2 KB 29ms
20ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_mtitle_movie.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

2d1fa6b88df0daf228a506d6570e26fe40d3b48a60f024f27b5c407301049e9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "6a7-6113cbe9e0180"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1703
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Tue, 13 Feb 2024 05:34:14 GMT
server: Apache

GET
H2 200 movie_09.png
www.refa.net/special/movie/images/ 289 KB
289 KB 30ms
22ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/special/movie/images/movie_09.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

eccb869ac94b5913c7de835ba0755d6c4b09a26cc709d69f1f364141fcdc53bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "482b2-626d936c67b40"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 295602
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 14 Nov 2024 06:03:49 GMT
server: Apache

GET
H2 200 img_mtitle_pro.png
www.refa.net/images/index02/ 3 KB
3 KB 30ms
21ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_mtitle_pro.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4f598cbac807f873d0d48a932391c8fe2ba795ac9a4102eabe6e0183cc12dbc4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "bde-59dd422addb00"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3038
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:44 GMT
server: Apache

GET
H2 200 img_pro01.png
www.refa.net/images/index02/ 92 KB
93 KB 32ms
24ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_pro01.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

524ee1e948aa16b1ffb35f80197d77a28d4a4709cdf17a24fc9c64353ba05766

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "170b3-61bc6fea58980"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 94387
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 26 Jun 2024 08:42:30 GMT
server: Apache

GET
H2 200 img_pro_more.png
www.refa.net/images/index02/ 1 KB
1 KB 32ms
24ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_pro_more.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

3cb1d3b6a02a855c49562ee15c08f18cd35d00c2edc0f4931d84abcdd76b78d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "4b1-59dd422cc5f80"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1201
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:46 GMT
server: Apache

GET
H2 200 img_pro02.png
www.refa.net/images/index02/ 88 KB
89 KB 42ms
34ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_pro02.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0e4f4ca9a9984bb66c83a3960717bf3a159ccd187c50f0454c1edc13e2f32c92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "16155-61b11b5c14480"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 90453
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Mon, 17 Jun 2024 08:25:38 GMT
server: Apache

GET
H2 200 img_pro03.png
www.refa.net/images/index02/ 26 KB
27 KB 33ms
25ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_pro03.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0ba48dccf406bd820e3d57ae7f8ef8d9cb1297b831a842eed939312473b77fe9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "692f-61ed6b8834e78"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 26927
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Sun, 04 Aug 2024 07:43:47 GMT
server: Apache

GET
H2 200 img_pro04.png
www.refa.net/images/index02/ 87 KB
87 KB 33ms
26ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_pro04.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

665b7fa7318542e8161416bb89e4ff95b319f8fd758f7d6dff19e7154d9eb51c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "15b05-61b11b5c14480"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 88837
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Mon, 17 Jun 2024 08:25:38 GMT
server: Apache

GET
H2 200 img_pro05.png
www.refa.net/images/index02/ 27 KB
28 KB 33ms
26ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_pro05.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

50c917f3539f19ccf47be4cba7a89195fe163b6e75be2004bd6bbad3c5c29c48

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "6daa-61ed6b8852339"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 28074
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Sun, 04 Aug 2024 07:43:47 GMT
server: Apache

GET
H2 200 img_pro06.png
www.refa.net/images/index02/ 50 KB
51 KB 33ms
26ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_pro06.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f693f116ace8ff34b15f0c907bd75a41d85a9dc2d1b2de39aeba00460624f8ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "c99d-61b11b5c14480"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 51613
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Mon, 17 Jun 2024 08:25:38 GMT
server: Apache

GET
H2 200 img_title_about.png
www.refa.net/images/index02/ 12 KB
12 KB 33ms
26ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_title_about.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

44070a7cb5d5c616e215b0cc03ba5fe0c8185716f7efb4c6b7f7e6e3cfd93aae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "2e64-59dd422eae400"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 11876
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:48 GMT
server: Apache

GET
H2 200 img_mtitle_about.png
www.refa.net/images/index02/ 3 KB
3 KB 34ms
27ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_mtitle_about.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ad595d2bcb4a29c72749ff607de9852c23e4f80ef11b6dca780a21d5e8f65cea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "c84-59dd422addb00"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3204
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:44 GMT
server: Apache

GET
H2 200 img_about_sp.png
www.refa.net/images/index02/ 20 KB
20 KB 35ms
28ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_about_sp.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

845b9a0b4351439241ee717d7d4c8aa54299fb5ef5abb23a4daae3f622469afe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "4ec4-6113cbda9dd80"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 20164
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Tue, 13 Feb 2024 05:33:58 GMT
server: Apache

GET
H2 200 img_about_pc.png
www.refa.net/images/index02/ 2 KB
3 KB 35ms
28ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_about_pc.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ba485578d0039123c373e049537654a4463ec6539a5e150d1f33f447f9713dd9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "92c-6092520714cc0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2348
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 02 Nov 2023 06:02:03 GMT
server: Apache

GET
H2 200 img_title_stores.png
www.refa.net/images/index02/ 6 KB
7 KB 41ms
34ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_title_stores.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

47a1c22451364f6ae69bcc5fc506001e077c923b7b60e02d8715078457d45e98

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "1920-59dd422eae400"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 6432
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:48 GMT
server: Apache

GET
H2 200 img_stores.png
www.refa.net/images/index02/ 101 KB
101 KB 38ms
32ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_stores.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ff25a3558bfc76f1e6aecb41b5063f2c6c02d79d5a7f93c2703474dd7ffdb229

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "1923f-61ed6b1dab900"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 102975
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Sun, 04 Aug 2024 07:41:56 GMT
server: Apache

GET
H2 200 img_mtitle_stores.png
www.refa.net/images/index02/ 2 KB
3 KB 22ms
16ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_mtitle_stores.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

d2d19470c6e6582fa8077412c42c7ae1b80aa298b80b97fb4eb4ec8b46ff7c75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "9c7-59dd422addb00"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2503
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:44 GMT
server: Apache

GET
H2 200 btn-pagetop.png
www.refa.net/images/common/ 3 KB
3 KB 22ms
16ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/btn-pagetop.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c38aa8e3a4697d31196a6ccdaa5959b8ded88268dec8b7b4556443d4b31f51e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "a32-59dd426f87d00"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2610
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:29:56 GMT
server: Apache

GET
H2 200 bnr-shop-sp.jpg
www.refa.net/images/bnr/ 17 KB
17 KB 24ms
18ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/bnr/bnr-shop-sp.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

440c00dc7b522ef7e41675fe03f07e21882d878294ffe6811bde503fdcb9afc4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "439a-56ad2c1ffda80"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 17306
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Fri, 27 Apr 2018 11:25:14 GMT
server: Apache

GET
H2 200 bnr-shop-pc.jpg
www.refa.net/images/bnr/ 35 KB
35 KB 24ms
18ms Image
image/jpeg 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/bnr/bnr-shop-pc.jpg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

9c7413f69684c3785ee0c59fde2a95c90ad749a0b71ed32d96e972be34bab627

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "8c4d-59f9ee351eec0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 35917
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Fri, 28 Feb 2020 08:47:31 GMT
server: Apache

GET
H2 200 icon-sns-instagram.svg
www.refa.net/images/common/ 1 KB
928 B 25ms
19ms Image
image/svg+xml 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/icon-sns-instagram.svg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

55f536d57e399a63e080c49d01c4f40735659098956fda72af1f8b592cc3688e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "490-56ad2c1ffda80-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 587
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Fri, 27 Apr 2018 11:25:14 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 icon-sns-facebook.svg
www.refa.net/images/common/ 366 B
586 B 24ms
19ms Image
image/svg+xml 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/icon-sns-facebook.svg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

db7749bf28c50f07a15842bfe0d9a95fc6865c9d716ea99e27f581a5fe56f208

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "16e-56ad2c1ffda80-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 246
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Fri, 27 Apr 2018 11:25:14 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 logo_mtg.svg
www.refa.net/images/common/ 2 KB
1 KB 37ms
32ms Image
image/svg+xml 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/common/logo_mtg.svg

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0e0af92009f1fe0ff4d7e2a5a3629e7c4609ba49e27b8a9778137e48f9790fc5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "75e-56b2f991cf500-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 741
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Wed, 02 May 2018 02:11:00 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 notosansjapanese.css
fonts.googleapis.com/earlyaccess/ 3 KB
455 B 93ms
48ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/notosansjapanese.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/common.css?v=190920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28b2daaba34cf81a2cfcc1387f8b643970b99217d4bf38d81998f1881728d250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 09:20:45 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 mtg.css
www.refa.net/css/ 1 KB
773 B 6ms
5ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/mtg.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/common.css?v=190920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

23b168d37d67d881829975f86b7c730f893a51cf337b0700cee1283c8c1d62d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/css/common.css?v=190920

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "40a-5ec89406b45c0-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 437
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Thu, 03 Nov 2022 04:18:39 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
994 B 89ms
44ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/common.css?v=190920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

415a145bd4c7403ac624e017365aab54cc22d70431d4c81d2f31d2bc89023d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 09:20:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 25 Apr 2025 09:05:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 howto.css
www.refa.net/css/ 1 KB
783 B 6ms
5ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/howto.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/common.css?v=190920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

7e502c6085eb961bec751d36ee86be53ae7b90e0e716d0acefc1c4525abf4388

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/css/common.css?v=190920

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "44e-5bda246c1a240-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 448
date: Fri, 25 Apr 2025 09:20:45 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Tue, 16 Mar 2021 07:25:53 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 style_sp.css
www.refa.net/css/ 77 KB
10 KB 30ms
25ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/style_sp.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

de4f47c8c2395815559148bdb19dec5d4eb84e130e4639e00d915a82eb4680b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "13438-6301d711baebd-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 9986
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 12 Mar 2025 04:14:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 style_tab.css
www.refa.net/css/ 86 KB
11 KB 32ms
26ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/style_tab.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c1f35a05b78d4d581914533d507f1abd3bf7351f7ff41f5f0d388d54e1bf5fb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "159a1-5ee955e0cfac0-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 11304
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Tue, 29 Nov 2022 05:36:19 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 index_sp.css
www.refa.net/css/ 11 KB
3 KB 30ms
25ms Stylesheet
text/css 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/index_sp.css

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b730ea5162b85026d63b361b95025dc8766e58db7dcae31a8cc4ce1025bfae3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "2b91-6117b5d865c00-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2633
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Fri, 16 Feb 2024 08:16:48 GMT
server: Apache
vary: Accept-Encoding

GET
H3 200 NotoSansJP-DemiLight.woff2
fonts.gstatic.com/ea/notosansjapanese/v6/ 2 MB
2 MB 51ms
6ms Font
font/woff2 142.251.42.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-DemiLight.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosansjapanese.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f3.1e100.net

Software

sffe /

Resource Hash

7537cf619819feb34e2ac57dbca05ff1584047440ce0c8fcfdc5bcd719536177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://www.refa.net
Referer: https://fonts.googleapis.com/

Response headers

age: 66291
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 24 Apr 2026 14:55:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Apr 2025 14:55:55 GMT
last-modified: Tue, 22 Sep 2015 23:26:49 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1618068
x-xss-protection: 0
server: sffe

GET
H2 200 jquery.cookie.js Show response
www.refa.net/js/ 3 KB
2 KB 14ms
14ms XHR
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/js/jquery.cookie.js?_=1745572846068

Requested by

Host: www.refa.net
URL: https://www.refa.net/js/jquery-1.11.3.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.refa.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "cb4-53ec84d6e2a40-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1407
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Fri, 14 Oct 2016 00:28:17 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 437 KB
141 KB 110ms
63ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0270d21f63861850022a9551ce17deca43c794ef183e8e6e11aa5df0fe1c9eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
expires: Fri, 25 Apr 2025 09:20:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1310:0
content-length: 143482
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tag.js Show response
s.yjtag.jp/ 0
343 B 61ms
12ms Script
application/javascript 124.83.184.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Download Go to

Full URL: https://s.yjtag.jp/tag.js
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 124.83.184.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: DragonStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 13917
ats-carp-promotion: 1
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id: e173832c-4377-42e7-8343-9eaf636fee24
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges: bytes
content-length: 0
date: Fri, 25 Apr 2025 05:28:49 GMT
content-type: application/javascript
last-modified: Fri, 28 Jun 2024 04:51:18 GMT
server: DragonStorage

GET
H2 200 img_redbtn.png
www.refa.net/images/index02/ 481 B
779 B 38ms
33ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_redbtn.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

dcd2068d1d0e40a42043d396e3d60b1437f144965f57a1365dba3901a5c7d81d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "1e1-59dd422cc5f80"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 481
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:46 GMT
server: Apache

GET
H2 200 movie_play.png
www.refa.net/images/index02/ 12 KB
13 KB 24ms
20ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/movie_play.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/special/movie/css/movie.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

fc4969afcf1d9804f4f899a6f975b31bfb66408bc7fd43404c6172dc5f79994e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/special/movie/css/movie.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "31df-6115283e3d180"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 12767
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 14 Feb 2024 07:32:38 GMT
server: Apache

GET
H2 200 movie_arr.png
www.refa.net/images/index02/ 642 B
940 B 24ms
20ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/movie_arr.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/special/movie/css/movie.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0fe30326ace35e058a501d3a301a7930c82fd9fce3231478452f14fa2237403d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/special/movie/css/movie.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "282-6115283e3d180"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 642
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 14 Feb 2024 07:32:38 GMT
server: Apache

GET
H2 200 img_bg_pc.png
www.refa.net/images/index02/ 18 KB
19 KB 24ms
20ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/img_bg_pc.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

112512dba86709f5330c91fbfce0b75fbbce56cdb5f25e7ccce6d5ba6b150519

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "49cf-61ed6b8673ae8"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 18895
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Sun, 04 Aug 2024 07:43:45 GMT
server: Apache

GET
H2 404 ProximaNova-Regular.otf
www.refa.net/css/font/ 0
0 25ms
24ms Font
text/html 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/css/font/ProximaNova-Regular.otf

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://www.refa.net
Referer: https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2602
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Apache

GET
H3 200 NotoSansJP-Regular.woff2
fonts.gstatic.com/ea/notosansjapanese/v6/ 2 MB
2 MB 25ms
12ms Font
font/woff2 142.251.42.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-Regular.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosansjapanese.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe36ac41d735e262ed03dfa258ad1c09ae6e73420f494e7c98380f3cdd133d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://www.refa.net
Referer: https://fonts.googleapis.com/

Response headers

age: 85404
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 24 Apr 2026 09:37:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Apr 2025 09:37:22 GMT
last-modified: Tue, 22 Sep 2015 23:26:49 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1631896
x-xss-protection: 0
server: sffe

GET
H3 200 NotoSansJP-Bold.woff2
fonts.gstatic.com/ea/notosansjapanese/v6/ 2 MB
2 MB 24ms
10ms Font
font/woff2 142.251.42.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-Bold.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosansjapanese.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f3.1e100.net

Software

sffe /

Resource Hash

0096d793dbff0842ac166ca51051e699d149e88ded75cef3b6de664f9b7721ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://www.refa.net
Referer: https://fonts.googleapis.com/

Response headers

age: 86923
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 24 Apr 2026 09:12:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Apr 2025 09:12:03 GMT
last-modified: Tue, 22 Sep 2015 23:26:49 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1711168
x-xss-protection: 0
server: sffe

GET
H2 200 arrow-L.png
www.refa.net/images/index02/ 1 KB
2 KB 20ms
15ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/arrow-L.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

be2bce89bb5f2723be6c2a7815ac1723ad50487538967bd9e3bf760333e3bcad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "5a5-59dd42233c900"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1445
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:36 GMT
server: Apache

GET
H2 200 arrow-R.png
www.refa.net/images/index02/ 570 B
868 B 20ms
16ms Image
image/png 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://www.refa.net/images/index02/arrow-R.png

Requested by

Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ab32d76d64ab36478d657f01c5e77e6526c8a6099c364aa0ecd7124621d41fdf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "23a-59dd42233c900"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 570
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 05 Feb 2020 13:28:36 GMT
server: Apache

GET
H2 200 top.js Show response
www.refa.net/js/ 8 KB
2 KB 23ms
21ms XHR
application/javascript 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/js/top.js?_=1745572846069

Requested by

Host: www.refa.net
URL: https://www.refa.net/js/jquery-1.11.3.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ae5e551805001afa84d27b1400bb18071c12d9829345febb9357d54fb544265e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.refa.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
content-encoding: gzip
etag: "2153-581371e97c300-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1965
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Wed, 06 Feb 2019 10:23:40 GMT
server: Apache
vary: Accept-Encoding

POST
H3 200 collect
www.google.com/ccm/ 0
0 91ms
46ms Ping
text/plain 216.58.220.100
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.refa.net%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1417635382.1745572846&dt=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&auid=457986581.1745572846&navt=n&npa=0&gtm=45He54n0v77419047za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&tft=1745572846496&tfd=844&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.220.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s30-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 375 KB
124 KB 62ms
61ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3QN5BHV6QK&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3936ff1cbad23eb65b85d0541463a7dea57a2d49f30ed6408dc2b6c4280edc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Fri, 25 Apr 2025 09:20:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 126589
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 50ms
3ms Script
text/javascript 2404:6800:4004:828::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: gzip
age: 3009
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 10:30:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 08:30:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 72 KB
23 KB 17ms
5ms Script
text/javascript 2406:2600:4::2e
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

2b1569f169809d69310a339774c908c2ee095d2d90ce5f1464d922ef02ac474e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"67fd7adf-11feb"
cross-origin-resource-policy: cross-origin
expires: Sat, 26 Apr 2025 09:20:46 GMT
access-control-allow-origin: *
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/javascript
last-modified: Mon, 14 Apr 2025 21:15:11 GMT
server: nginx

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 34 KB
11 KB 34ms
10ms Script
application/javascript 124.83.184.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 124.83.184.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: /
Resource Hash: 5a9fc9a8f2f9175d67b30b0c5e2fd4bf0e1a89c3e7c26574c2d9be8d0728494b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 535
ats-carp-promotion: 1
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 11430
date: Fri, 25 Apr 2025 09:11:51 GMT
last-modified: Thu, 10 Apr 2025 06:13:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-ntap-sg-trace-id: f291bf734eea7f6e

GET
H/1.1 200
OK segmentation.js Show response
js.fout.jp/ 13 KB
3 KB 54ms
15ms Script
application/javascript 23.42.117.131
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://js.fout.jp/segmentation.js
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.42.117.131 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-117-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 28fbbe396672899343f5a40b8d32c33d863bb7d266cd3cca08291790677e9f52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Cache-Control: max-age=801
Content-Encoding: gzip
ETag: "66c69d60-3240"
Connection: keep-alive
Expires: Fri, 25 Apr 2025 09:34:07 GMT
Accept-Ranges: bytes
P3P: CP="ADM NOI OUR"
Content-Length: 2878
Date: Fri, 25 Apr 2025 09:20:46 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Aug 2024 02:07:28 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 pixel.js Show response
cd.ladsp.com/script/ 1 KB
2 KB 90ms
4ms Script
text/javascript 18.172.30.90
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cd.ladsp.com/script/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.30.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-30-90.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef71352e0a4b4b55774686c8bb9ad5783b33460c6dae197532b954f008379390

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: public, max-age=864000, immutable
etag: "ce6d701190191d9e53a73c451743d171"
age: 1016427
via: 1.1 69dddb16195636c0d79d55ed3431cbb4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1480
x-amz-cf-id: Gcbt0VBj30x0qqEmSm7XiXUgVi91ZharDt0r2k7YjNVfCRET5_hmHQ==
date: Sun, 13 Apr 2025 15:00:20 GMT
content-type: text/javascript
last-modified: Wed, 08 Jan 2020 07:33:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P1

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 62 KB
22 KB 97ms
50ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.2 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

40f10ff64da9f0c2ef03317b611eee8fa8f181f7494cc4d0770fa476a8dd952d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
etag: 6541549823418896178
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 09:20:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 22864
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK blade_track_jp.js Show response
d-cache.microad.jp/js/ 0
553 B 232ms
13ms Script
application/javascript 138.113.138.164
ML-1432-54994

General

Check archive.org

Download Go to

Full URL: https://d-cache.microad.jp/js/blade_track_jp.js
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.113.138.164 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

X-Px: ht PSrbdbOSA2fy102KIX
Cache-Control: max-age=604800
x-ws-request-id: 680b53ee_PSrbdbOSA2fy102_21361-30387
ETag: "0"
Connection: keep-alive
Via: 1.1 PSrbdbOSA2sj134:14 (W), 1.1 PSrbdbOSA2fy102:17 (W)
Expires: Thu, 15 May 2025 22:05:56 GMT
Accept-Ranges: bytes
Content-Length: 0
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Date: Fri, 25 Apr 2025 09:20:46 GMT
Content-Type: application/javascript
Last-Modified: Wed, 23 Jun 2021 05:11:22 GMT
Server: PWS/8.3.1.0.8

GET
H2 200 s_retargeting.js Show response
b92.yahoo.co.jp/js/ 7 KB
7 KB 55ms
11ms Script
application/javascript 124.83.184.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Download Go to

Full URL

https://b92.yahoo.co.jp/js/s_retargeting.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

124.83.184.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

DragonStorage /

Resource Hash

76f7ed1e950345347015644836dd7a02a7fbe5f31c6034c60b75f2d980bf965c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

etag: "ac76555ae1769b02dcd1baf78b45d21b"
age: 529
x-content-type-options: nosniff
date: Fri, 25 Apr 2025 09:11:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 15 Feb 2024 01:51:14 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=600
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
x-amz-request-id: d4dbb00c-8af4-4502-a684-b2f89fdb13c3
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges: bytes
content-length: 7245
x-xss-protection: 1;mode=block
server: DragonStorage

GET
H2 200 cmt.js Show response
taj1.ebis.ne.jp/yFcxPY5G/ 0
392 B 21ms
10ms Script
application/javascript 2600:9000:2828:4200:1e:513c:d3c0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://taj1.ebis.ne.jp/yFcxPY5G/cmt.js
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2828:4200:1e:513c:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: immutable, max-age=600, s-maxage=60, public
etag: "0-62e88ce30d280"
cross-origin-resource-policy: cross-origin
via: 1.1 41950f1d65f7beabe1024f6157d1a838.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 0
x-amz-cf-id: 2QOngIS9dNxxSJLeAOmwWs4Pnx30zof79ZVD22c57Xz2q2hnQN-vDw==
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript
last-modified: Thu, 20 Feb 2025 01:29:30 GMT
server: Apache
x-amz-cf-pop: NRT57-P5
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 271 KB
68 KB 11ms
5ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src data: 'nonce-pd66J5aQ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src data: 'nonce-pd66J5aQ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4783, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: WyqkrBuAFvjJPIwuoHJZZ49oBaoAYUkrlKw/ZZC9+iqPDIn8PVzboi8KsP8at+FaTp5OjxwkUUMoMghadx82Ug==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: *;script-src 'nonce-pd66J5aQ' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 69961
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 114ms
3ms Script
application/javascript 199.232.148.157
FASTLY

General

Check archive.org

Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.148.157 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ac89958fd75e99eba92cdb3f927cce205bd05c2c6ffe643c4bf52ca6558d61b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "d980aaf9efaa780ff3fdc50fad42ffbd+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15921
date: Fri, 25 Apr 2025 09:20:46 GMT
x-tw-cdn: FT
last-modified: Mon, 21 Apr 2025 18:01:05 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kjyo7100089-IAD, cache-nrt-rjtt7900025-NRT
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
100 KB 74ms
73ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-774022946

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9716b0b098b4f761d80f366829851c4ec50729f25d4a85c336cd715ddaf278e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Fri, 25 Apr 2025 09:20:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 102695
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 conversion.js Show response
s.yimg.jp/images/listing/tool/cv/ 6 KB
2 KB 10ms
10ms Script
application/javascript 124.83.184.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/conversion.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 124.83.184.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: /
Resource Hash: 9e3a9103c80346b1b39bea3de46f44a462b3f594fa45e7206252bc41d7e3e855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 274
ats-carp-promotion: 1
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 2140
date: Fri, 25 Apr 2025 09:16:12 GMT
last-modified: Tue, 25 Jan 2022 16:25:04 GMT
content-type: application/javascript
vary: Accept-Encoding
x-ntap-sg-trace-id: 8bc2db189562ded4

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 61ms
9ms Script
application/javascript 23.192.193.157
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.192.193.157 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-192-193-157.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

589dc9e3526bc771a26cd4f2f0e33785d14e061b9ecce3535065d9cd5c43e0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: gzip
x-amz-version-id: DDDdZAClWUeAh-dY1m-8pU.uZtP5Isp
etag: "deb60f5d7ffaa8b1111afb925dd163de"
expires: Fri, 02 May 2025 01:37:21 GMT
x-rgw-object-type: Normal
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 01:34:14 GMT
x-amz-expiration: expiry-date="Mon, 02 Jun 2025 00:00:00 GMT", rule-id="bucket_lifecycle"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cache-control: max-age=576995
x-amz-request-id: tx0000001f041e3012a7841-0067ec94f4-18549c78-jp2
accept-ranges: bytes
content-length: 9897
server: VOS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
100 KB 86ms
85ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-774025335

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd395b69fadfc900533d5b4f4a5687f137da30b224b41b926d834f226469bd1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Fri, 25 Apr 2025 09:20:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 102711
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
109 KB 86ms
85ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-774046165

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50d9d64a854b997824aeea5bd46b47a63b9136cde479e3cb977284ccbd7e27aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Fri, 25 Apr 2025 09:20:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 111342
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 pixel2.js Show response
cd.ladsp.com/script/ 7 KB
3 KB 32ms
4ms Script
text/javascript 18.172.30.90
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cd.ladsp.com/script/pixel2.js
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.30.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-30-90.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2caf72ed04f9de90d7ecb5fa23f95de7a1f977b19dfbb4bbe6e92765fe581b3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: public, max-age=864000, immutable
content-encoding: gzip
etag: "1865a48add09346bb849f814b9bb46e6"
age: 1316974
via: 1.1 69dddb16195636c0d79d55ed3431cbb4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2638
x-amz-cf-id: StES1GulTmvyJYyzRxCiNM0VnruVZe0Q767DGui9tXBfwSLlYBWOGg==
date: Thu, 10 Apr 2025 03:31:13 GMT
content-type: text/javascript
last-modified: Thu, 05 Dec 2024 02:03:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P1
x-amz-server-side-encryption: AES256

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 25 KB
9 KB 110ms
4ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca85d4a417a32bf646e74f6ddfd068a95dfafb72ade0b4200ce718f963f318dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"2da323be064abb2d32f849afa0b3d22d"
x-amz-version-id: LrdUEohat9mYKLmhyc1xdIJr6yAxuJT9
age: 287
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: msxCN-iG9ZGxvQAV4QJ0cVofIGq00DgS9qk_jhy1imwKDuZNM58amQ==
date: Fri, 25 Apr 2025 09:16:00 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:45 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/54l0/ Frame F792 3 KB
2 KB 43ms
2ms Document
text/html 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fwww.refa.net

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 66228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Apr 2025 14:56:58 GMT
expires: Fri, 24 Apr 2026 14:56:58 GMT
last-modified: Mon, 21 Apr 2025 09:28:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4696 16 KB
6 KB 14ms
2ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.refa.net&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

95a6465b4150259acc5301f8bb35c3d4b453db3eb366ee8d8571c7f52fb2f9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 319651
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H/1.1 200
OK cnt
cnt.fout.jp/15861/ 43 B
634 B 659ms
221ms Image
image/gif 202.232.238.39
IIJ Internet Init...

General

Check archive.org

Download Go to Show image

Full URL: https://cnt.fout.jp/15861/cnt?id=15861&url=https%3A%2F%2Fwww.refa.net%2F&rurl=&siteid=&segid=&price=&dat=&params=&encoding=&bc=1&eids=&cachebuster=4509729164866
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 202.232.238.39 Nishikichō, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
P3P: CP="ADM NOI OUR"
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: image/gif
Server: nginx

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
450 B 44ms
42ms XHR
text/plain 2404:6800:4004:828::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=959188727&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refa.net%2F&ul=ja-jp&de=UTF-8&dt=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1468204780&gjid=1760382988&cid=1419763608.1745572847&tid=UA-66487979-1&_gid=370160333.1745572847&_r=1&_slc=1&gtm=45He54n0n81WNK3637v77419047za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&z=1670929189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.refa.net/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.refa.net
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 3
server: Golfe2

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4696
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=refa.net&sn=ChromeSyncframe&so=undefined&topUrl=www.refa.net&topicsavail=1&fledgeavail=1
https://mug.criteo.com/sid?cpp=zvTM3XxoUUV5NkkzdXhObjFSY3N4VEZ5R0RsMUdLRVFmYTFhNEt6elhuTHh2THJQbXZmWnErSGJsWERBZVZDck9KNW9NYlZUTTZlTksyL3VxOWluUzd0USs4QWJRbHkzcXQ1dG9CS3BqdFRQY1VzYXE5NEpSZ2RCcWhaeG...

441 B
1001 B

64ms
5ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zvTM3XxoUUV5NkkzdXhObjFSY3N4VEZ5R0RsMUdLRVFmYTFhNEt6elhuTHh2THJQbXZmWnErSGJsWERBZVZDck9KNW9NYlZUTTZlTksyL3VxOWluUzd0USs4QWJRbHkzcXQ1dG9CS3BqdFRQY1VzYXE5NEpSZ2RCcWhaeGdRc2oyZE1zZ2FWc0trNHR2bmhZTDVsdnRHWDZ1bjR0TXpQVTVmZUxCUmM4TzN2eUxFK012NTkrK0VCSENtRFkyT3N3STFhUnY1VjZSYU80WVA2bTFUN3JMSVQwSGN1Ynp5bDFRd200dmd3MEx5MUxWNmtLdTA5WVJWblVxQVVZM2hjVzlOQ2R4RHY2bXR6NVl3K2hIRmltMTdJbXAvd0JZNUZxTm80RjU2bGhURlJjcVBEND18&cppv=2

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0f4d4af20dac5960594ba1a1739a87c175961bef8ea1de59f2a4acd4f706db66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://gum.criteo.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 898325
expires: 0
access-control-allow-origin: https://gum.criteo.com
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
location: https://mug.criteo.com/sid?cpp=zvTM3XxoUUV5NkkzdXhObjFSY3N4VEZ5R0RsMUdLRVFmYTFhNEt6elhuTHh2THJQbXZmWnErSGJsWERBZVZDck9KNW9NYlZUTTZlTksyL3VxOWluUzd0USs4QWJRbHkzcXQ1dG9CS3BqdFRQY1VzYXE5NEpSZ2RCcWhaeGdRc2oyZE1zZ2FWc0trNHR2bmhZTDVsdnRHWDZ1bjR0TXpQVTVmZUxCUmM4TzN2eUxFK012NTkrK0VCSENtRFkyT3N3STFhUnY1VjZSYU80WVA2bTFUN3JMSVQwSGN1Ynp5bDFRd200dmd3MEx5MUxWNmtLdTA5WVJWblVxQVVZM2hjVzlOQ2R4RHY2bXR6NVl3K2hIRmltMTdJbXAvd0JZNUZxTm80RjU2bGhURlJjcVBEND18&cppv=2
pragma: no-cache
server-processing-duration-in-ticks: 287315
expires: 0
content-length: 0
date: Fri, 25 Apr 2025 09:20:46 GMT
server: Kestrel

GET
H2

200

pixel Show response
px.ladsp.com/
Redirect Chain

https://px.ladsp.com/pixel?advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInB...
https://px.ladsp.com/pixel?cr=true&advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI...

747 B
880 B

4ms
3ms

Script
text/javascript

18.177.234.21
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://px.ladsp.com/pixel?cr=true&advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Server: 18.177.234.21 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-234-21.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 96f76836380e6440d26a053b37d4a59de43d22c75c5924550eab6e7b45f45da7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

expires: -1
cache-control: private, no-store, no-cache, must-revalidate
content-encoding: gzip
date: Fri, 25 Apr 2025 09:20:46 GMT
pragma: no-cache
content-type: text/javascript;charset=utf-8
vary: accept-encoding

Redirect headers

expires: -1
cache-control: private, no-store, no-cache, must-revalidate
location: https://px.ladsp.com/pixel?cr=true&advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
content-length: 0
date: Fri, 25 Apr 2025 09:20:46 GMT
pragma: no-cache

GET
H3 200 2088394124800450 Show response
connect.facebook.net/signals/config/ 67 KB
14 KB 3ms
3ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/2088394124800450?v=2.9.199&r=stable&domain=www.refa.net&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

cfe7849253d80d10ecae686ee790fda42ccc1a826a9e5bbe9bb35c74fa03a5c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src data: 'nonce-B5fFA2cZ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src data: 'nonce-B5fFA2cZ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=84, mss=1232, tbw=79535, tp=73, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 4FHv0Mqz2JBiObBvs7+W3PVICiZAU+75v6eEiY9XWAo9D58eh/Qs7TFyatC3I0ewwL5iP1sKSSkeSMFHCRVmKg==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: *;script-src 'nonce-B5fFA2cZ' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 13818
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/953126323/ 5 KB
2 KB 97ms
51ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/953126323/?random=1745572846650&cv=9&fst=1745572846650&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839%2C658953495&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3DREPLACE_WITH_VALUE%3Becomm_pagetype%3DREPLACE_WITH_VALUE%3Becomm_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

b52576e755de4b2d313277295d1151cb82093e51cdb0c3a80845f99ec898e1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2008
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 59ms
9ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=a34a74ce-6468-4a21-9645-b1486f43d74a&b_u=https%3A%2F%2Fwww.refa.net%2F&b_d=www.refa.net&b_p=%2F&b_t=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&c_t=lap&t_id=a7e2460d-a29a-45c7-8599-3f8bc7761730&s_id=ba227365-ca989118&x4=100&e=pv&v=3.5.0&_t=1745572846658
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Cache-Control: private, no-store, no-cache, must-revalidate
Content-Length: 43
Date: Fri, 25 Apr 2025 09:20:46 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 /
am.yahoo.co.jp/rt/ 0
0 36ms
17ms Fetch
text/javascript 202.239.3.249
YAHOO Yahoo Japan...

General

Check archive.org

Download Go to

Full URL

https://am.yahoo.co.jp/rt/?p=UHWDCG97KB&label=&ref=https%3A%2F%2Fwww.refa.net%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1745572847.1249998&pvid=1969hnll5p9m9wl04la&su=18001034-f125-4ec5-aa0e-5cd89648fc26&_impl=prev

Requested by

Host: b92.yahoo.co.jp
URL: https://b92.yahoo.co.jp/js/s_retargeting.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.239.3.249 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

access-control-expose-headers: X-Z-Burls
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*, unload=()
access-control-allow-origin: https://www.refa.net
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 155ms
145ms Fetch
image/png 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=2088394124800450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/2088394124800450?v=2.9.199&r=stable&domain=www.refa.net&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-iHtcOF3O' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497178286798859991&cpp=C3&cv=1022232475&st=1745572846785"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: image/png
vary: Origin, Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1,i
x-fb-debug: sm4NY6tVuRNSV0moIPgYO9kRZT9iNE1J1C/YEGhU/BYfa0e4a7pc9SQ+odGmuugn9nSiGWDhtqjv0Phvc2RIbg==
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497178286798859991&cpp=C3&cv=1022232475&st=1745572846785", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-iHtcOF3O' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=23, mss=1232, tbw=4782, tp=9, tpl=0, uplat=143, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 980253745499760 Show response
connect.facebook.net/signals/config/ 27 KB
3 KB 7ms
5ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/980253745499760?v=2.9.199&r=stable&domain=www.refa.net&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119%2C213%2C212%2C214%2C219%2C220%2C221%2C217%2C201%2C140%2C173%2C200%2C202%2C250%2C176%2C234%2C129%2C167%2C154%2C137%2C247%2C123%2C144%2C130%2C197%2C120%2C159%2C136

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

d9a880dd8308875ac7208525acc75f7a58884df6921ad6b03bf05c7672741225

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src data: 'nonce-2rs4Zg6E' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src data: 'nonce-2rs4Zg6E' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=97, mss=1232, tbw=95783, tp=90, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: +yAANKgVSXUFJrZh7Ypg9EQdsoQl+7ELWB0iXTXeZ+dHAbx49HjLBGlvXVPLyrvXVp9KYGehUgY+P/oIYgG0IQ==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: *;script-src 'nonce-2rs4Zg6E' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3354
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 13ms
4ms Image
text/plain 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2088394124800450&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745572846700&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4126&fbp=fb.1.1745572846697.921218279429259436&ler=empty&cdl=API_unavailable&it=1745572846647&coo=false&exp=k0&rqm=GET

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4830, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 181ms
174ms Image
image/png 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2088394124800450&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745572846700&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4126&fbp=fb.1.1745572846697.921218279429259436&ler=empty&cdl=API_unavailable&it=1745572846647&coo=false&exp=k0&rqm=FGET

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-ofsMrVGN' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497178287126006768&cpp=C3&cv=1022232475&st=1745572846784"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: J59sR/MEsVdrcevGs6c148mM6YoMf4+aqK8O9D7yd2z8E/rQoO7XZZk7iBCd1uQAyXxk52tSgw1KEmJilpp6yw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497178287126006768&cpp=C3&cv=1022232475&st=1745572846784", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-ofsMrVGN' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=5525, tp=19, tpl=0, uplat=172, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 adsct
t.co/i/ 43 B
646 B 199ms
150ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&dv=Asia%2FTokyo%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=de97b8fd-5f76-4f91-8da8-937de6f47329&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=23806491-b2ba-4e82-9618-1044688ea776&tw_document_href=https%3A%2F%2Fwww.refa.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1pfx&type=javascript&version=2.3.32

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 0c32f542a93d0c1f
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 7da3889e080f6cbf9581ba621cbe48978d35e3b1279d83d220ff39b537a27a52
cf-cache-status: DYNAMIC
cf-ray: 935cc43448787965-NRT
x-response-time: 5
content-length: 43
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_p

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
666 B 230ms
148ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&dv=Asia%2FTokyo%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=de97b8fd-5f76-4f91-8da8-937de6f47329&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=23806491-b2ba-4e82-9618-1044688ea776&tw_document_href=https%3A%2F%2Fwww.refa.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1pfx&type=javascript&version=2.3.32

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: f2af54a6f2b22432
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e490ad8861afa03f4f372ed025ca1a17efe1f9ed28a24e4cd2ca037a227b02e9
cf-cache-status: DYNAMIC
cf-ray: 935cc4347fffd77f-NRT
x-response-time: 5
content-length: 43
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_p

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 281 KB
99 KB 87ms
86ms Script
application/javascript 142.251.42.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10707063&l=dataLayer&cx=c&gtm=45je54n0v889117918za200zb77419047&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QN5BHV6QK&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.200 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

feed403f04d7db028b34eabf56c867808451f44bcb2cdb4443338148d9d34b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 25 Apr 2025 09:20:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
content-length: 101291
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
analytics.google.com/g/ 0
0 94ms
43ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3QN5BHV6QK&gtm=45je54n0v889117918z877419047za200zb77419047&_p=1745572846078&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&cid=1419763608.1745572847&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1745572846&sct=1&seg=0&dl=https%3A%2F%2Fwww.refa.net%2F&dt=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&en=page_view&_fv=1&_ss=1&tfd=1121
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QN5BHV6QK&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.refa.net
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 133ms
42ms Ping
text/plain 2404:6800:4008:c15::9c
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3QN5BHV6QK&cid=1419763608.1745572847&gtm=45je54n0v889117918z877419047za200zb77419047&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QN5BHV6QK&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c15::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:122:0
report-to: {"group":"ascnsrsggc:122:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:122:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.refa.net
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:122:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 92ms
46ms Image
image/gif 172.217.31.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3QN5BHV6QK&cid=1419763608.1745572847&gtm=45je54n0v889117918z877419047za200zb77419047&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&z=71862866

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774022946/ 5 KB
2 KB 92ms
91ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774022946/?random=1745572846799&cv=11&fst=1745572846799&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774022946

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

01f99487495f53d459f660fe19eb60fea5f9a42b075ef8e0cf230e50fef8f1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 1999
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 774022946 Show response
td.doubleclick.net/td/rul/ Frame 1CFE 13 B
646 B 58ms
9ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/774022946?random=1745572846799&cv=11&fst=1745572846799&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774022946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK conversion_async.js Show response
b97.yahoo.co.jp/pagead/ 62 KB
23 KB 575ms
61ms Script
text/javascript 182.22.30.204
YAHOO Yahoo Japan...

General

Check archive.org

Download Go to

Full URL

https://b97.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/conversion.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

521ffb719d3a151ff80f1d59ffa16a6fbf3c128828cbd66c717ae0c3f73758b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Content-Encoding: br
ETag: 2076975532811082731
Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 25 Apr 2025 09:20:47 GMT
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Disposition: attachment; filename="f.txt"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
X-XSS-Protection: 0
Server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 2ms
1ms Image
text/plain 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=980253745499760&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745572846814&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4126&fbp=fb.1.1745572846697.921218279429259436&ler=empty&cdl=API_unavailable&it=1745572846647&coo=false&exp=k0&rqm=GET

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=5269, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 152ms
151ms Image
image/png 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=980253745499760&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745572846814&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4126&fbp=fb.1.1745572846697.921218279429259436&ler=empty&cdl=API_unavailable&it=1745572846647&coo=false&exp=k0&rqm=FGET

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-oiUChPoA' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497178287488197439&cpp=C3&cv=1022232475&st=1745572846890"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ks3DZF3tscwf/BbllhHhg7eStbuiVGRguMdNniPP1PZ5983qBy01/YuDXs8NVCEsWbVwmqH6D3rCEwFnpJRQ+w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497178287488197439&cpp=C3&cv=1022232475&st=1745572846890", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-oiUChPoA' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=9971, tp=25, tpl=0, uplat=148, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 utag.1.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 12 KB
4 KB 10ms
5ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.1.js?utv=ut4.49.202210270538
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e1e55ca62eee0910dde7263a83c8689ab503fa39e55d469f087bd4da73aaa96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"d480d49da00ea264ff93fd45ace10f43"
x-amz-version-id: RfY1fWBLVZ.fc2mtt6mmRSlixyfLaXjp
age: 285
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 2IobM8qW7v9sba5uIcuSE1oZIF5vBjYHE9mp8Nn3o24zek8XzgNm9A==
date: Fri, 25 Apr 2025 09:16:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:45 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.2.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 6 KB
2 KB 18ms
14ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.2.js?utv=ut4.49.202210270538
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a03387c46336ef65b37a33cac758afaddd1429bc3ea9c014cb135bb3b9aece8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"01764906a2670e8a97abad87837b69e9"
x-amz-version-id: KN6.RLINQkyvVpj_2QPNhcTV2EIRw00C
age: 8
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 6RzHAmh-8xamp-lpDl08Y6-KoFqOp9oC9dGC-cUe541RA6nRQV0TAg==
date: Fri, 25 Apr 2025 09:20:39 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:44 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.3.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 2 KB
1 KB 18ms
14ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.3.js?utv=ut4.49.202210270538
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b98a19365222891ff6bdd5d467a71e5bd25b0cba2ea3733392c6f52bcb44ebf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"de5291e9dc164d3805645276aabc7fff"
x-amz-version-id: _AM4DJAmQ2vb.Dk_0v3UmHfm4kU4eUUa
age: 8
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 6W_ATZyN7EyNEWO_Ti9t4GoRQOSg2EkMoh3tInjsiQ6Rcwxg1nmpeQ==
date: Fri, 25 Apr 2025 09:20:39 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:44 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 2 KB
1 KB 11ms
7ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.4.js?utv=ut4.49.202210270538
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28011ea8e672ce692536247bea4fce0eda0eda3edb71daa474974b0d7a3c64d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"de7b2f6ee9d63570aef9c61439371855"
x-amz-version-id: q35rtPC.YRxYiq_yXjo7UjKSeqB6m4ay
age: 105
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ptWdWkfqLpxTI9T6l1mSvhtkR-m37NzVkyGTLzUmRikMfEdyK23okA==
date: Fri, 25 Apr 2025 09:19:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:44 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.5.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 2 KB
1 KB 10ms
7ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.5.js?utv=ut4.49.202210270538
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01148624e9caa337843d91978293481f0c48c8d635e98aee2939b095a54ad2c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"9924ab56ce90bd1e8a9b389bd27a4d47"
x-amz-version-id: 6tLRg63P_FQKVtjlCnCh1itqQYvmdo88
age: 92
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: hve7NnfeS0ZQK0TONnAKl0KdyPAfU2smV-YlOKnDgeG3YnFddSEJ7Q==
date: Fri, 25 Apr 2025 09:19:15 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:43 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.6.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 2 KB
1 KB 13ms
9ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.6.js?utv=ut4.49.202210270538
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bef66040637d065b8289d806d1460f78ec8a0fb462125cd554ce3f8ba333846

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"9c8ae6de1b9d16602336716b560fa6e9"
x-amz-version-id: hVGI3leQ13SFajKW5TW1zpK2kPOl255j
age: 92
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: x544kOfjbUv4iI4oidpHqtPGkBPUYBi_TRXZ_wRT-dJ79p3LQjqbRA==
date: Fri, 25 Apr 2025 09:19:15 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:45 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 21 KB
7 KB 13ms
10ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.7.js?utv=ut4.49.202210270538
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ebc6bfe7959d723e5a43241bd42371be02a7a7c0d922213b76e30d11f590a40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"3cce4b40eecc5a3c030a6697487582cf"
x-amz-version-id: ub6FDs08tgMjqhtUrEL_gaU7nBoUhg2I
age: 105
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: LMPyJUleoOrYWlKOO9zX6bOga1I5hsShgcKiok993YD8xjjtmjn7rA==
date: Fri, 25 Apr 2025 09:19:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:44 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.8.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 2 KB
1 KB 11ms
9ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.8.js?utv=ut4.49.202305240135
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2e494cce0cb67fe795c1b218d34a107a0ccb73a8cbd1f592ce15e77f806e348

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"c7fc17fd8168583a88f56699ba15b4c2"
x-amz-version-id: gYxx2GYNbFs8O91.Vhtbszn9cG7zN4hR
age: 105
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: EnsNi03zbSFwdoRmrmvs62BZGXCg-b9Ls1hwmcBqxtBRuJjnme6rhw==
date: Fri, 25 Apr 2025 09:19:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:43 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.9.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 2 KB
1 KB 11ms
9ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.9.js?utv=ut4.49.202402150104
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0d8fe227ec2e803f9c176208dc047140089b580a8722b4c17d64eece8eb41b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"a542db9fd113d0c7dc1cc078e9fd1e2c"
x-amz-version-id: kLsk88hPJD37E.OY07gTn7bvn6vwIvGQ
age: 92
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: fd606L5qbTaKayguH2DfsBQrSR2VqvNLupvaV-XaBYftNTKDm-228g==
date: Fri, 25 Apr 2025 09:19:15 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:43 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.14.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 2 KB
1 KB 14ms
12ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.14.js?utv=ut4.49.202502190645
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a2ce6cc85dfc81d5f8d383ff7ab1366eba6cc47cd90f1b13035474267d9e4aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"ff043e36f32e418240462cba83dc0fae"
x-amz-version-id: JDmqoNFxLNfdD60KHjs8LA1H62Ct.XsO
age: 285
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: O9lYGkr8c2njwTnp6YELO57tT8pWZvL14bzZ2U6oBkmqM61izUPC1Q==
date: Fri, 25 Apr 2025 09:16:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:44 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.15.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 2 KB
1 KB 12ms
10ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.15.js?utv=ut4.49.202502190645
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8ccbeb009c06056c4feb3e7789e7ec84cd42760012c996b4b8c8aa139926850

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"c6e50abc113567434d538e7a66981e30"
x-amz-version-id: sOjPaMPVOSzfPmp4LEpA6hxFFro2DWef
age: 259
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: q0lHVlDERD6RxcPYmnQTXzilNGwp5n-k93rGMkWCTt02y-f67-NNcQ==
date: Fri, 25 Apr 2025 09:16:30 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:45 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 utag.16.js Show response
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 20 KB
7 KB 16ms
14ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.16.js?utv=ut4.49.202503240218
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e3bcdd405be5082639213a43e713e0d6e8b801c37f6c0be7291f324b0853407

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"1538cb74a97630fde23586d16752853a"
x-amz-version-id: dTg6XcRK65vR2gF28T5Dg5bZUS8H5M1M
age: 259
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: g9NYmsUWpVL5E-U9OpY_U0CBUVi5gPyixQHV_Fl7gfLYh1MJo1_8bg==
date: Fri, 25 Apr 2025 09:16:30 GMT
content-type: application/javascript
last-modified: Wed, 02 Apr 2025 09:05:44 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 iframe Show response
um.ladsp.com/match/ Frame 3D0D 3 KB
3 KB 95ms
7ms Document
text/html 3.164.121.106
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Requested by: Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.164.121.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-164-121-106.nrt12.r.cloudfront.net
Software: /
Resource Hash: 5e6dd4c607bd4eb230bf6fd39bdccdd77337b06a314b8bb4631b724a1515428a

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control: private, no-store, no-cache, must-revalidate
content-type: text/html;charset=utf-8
date: Fri, 25 Apr 2025 09:20:46 GMT
expires: -1
pragma: no-cache
via: 1.1 f76917b432f94f721577901af1dbe63e.cloudfront.net (CloudFront)
x-amz-cf-id: SLw0X5CL_rBLIKGTifz-npcDxSJg6iWpN821BQSmR58HiYmbTjhkXg==
x-amz-cf-pop: NRT12-P3
x-cache: Miss from cloudfront

GET
H2 200 getTopics2.html Show response
cd.ladsp.com/html/ Frame C92A 640 B
1 KB 15ms
1ms Document
text/html 18.172.30.90
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cd.ladsp.com/html/getTopics2.html?stu=mTxrsbcXjcbp0Lne4Pwl2g
Requested by: Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.30.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-30-90.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67741fe2bd4e9b44e67da55f3fa7f2e039a908c89c3894fa0870e13c6a313e8f

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2112834
cache-control: public, max-age=259200, immutable
content-length: 640
content-type: text/html
date: Mon, 31 Mar 2025 22:26:53 GMT
etag: "ed608d6a6556d56a50143e8d720f3e7f"
last-modified: Tue, 08 Aug 2023 02:13:29 GMT
server: AmazonS3
via: 1.1 f76b4c0eb6c4658feb5d2183e218bcee.cloudfront.net (CloudFront)
x-amz-cf-id: 750ZIvjfNZjfhWvzAGo-UOmr4qg9XVL-BXKmvje_U4zkDGOIhbiFYg==
x-amz-cf-pop: NRT20-P1
x-amz-meta-s3cmd-attrs: atime:1691460792/ctime:1691460792/gid:901/gname:logicad/md5:ed608d6a6556d56a50143e8d720f3e7f/mode:33204/mtime:1691460792/uid:901/uname:logicad
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H3 200 /
www.google.com/pagead/1p-user-list/953126323/ 42 B
64 B 12ms
11ms Image
image/gif 216.58.220.100
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/953126323/?random=1745572846650&cv=9&fst=1745571600000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839%2C658953495&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3DREPLACE_WITH_VALUE%3Becomm_pagetype%3DREPLACE_WITH_VALUE%3Becomm_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzuiYST4NWJMTYKvag-bVJWAdePLZ9lg&random=1524546694&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/953126323/ 42 B
64 B 12ms
11ms Image
image/gif 172.217.31.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/953126323/?random=1745572846650&cv=9&fst=1745571600000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839%2C658953495&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3DREPLACE_WITH_VALUE%3Becomm_pagetype%3DREPLACE_WITH_VALUE%3Becomm_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzuiYST4NWJMTYKvag-bVJWAdePLZ9lg&random=1524546694&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774025335/ 5 KB
2 KB 99ms
98ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774025335/?random=1745572846850&cv=11&fst=1745572846850&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774025335

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

4cfb58b6ed297977f3cbdaa6f104ffa1a98dd7ef6afc32b9743e44204bee86cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 1994
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 774025335 Show response
td.doubleclick.net/td/rul/ Frame F2B0 13 B
301 B 9ms
8ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/774025335?random=1745572846850&cv=11&fst=1745572846850&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774025335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774046165/ 5 KB
2 KB 100ms
99ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774046165/?random=1745572846885&cv=11&fst=1745572846885&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774046165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

a322c36940ddfde2d4009e8e8d710c051d305f95a2b56b47875bde7f67cb46be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2009
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 774046165 Show response
td.doubleclick.net/td/rul/ Frame 0D50 26 KB
2 KB 15ms
14ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/774046165?random=1745572846885&cv=11&fst=1745572846885&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774046165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fe86be91525d5927de41733152b8c071c3990ddabc653bcec70a89ca7276508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 2381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 12 KB
6 KB 30ms
12ms Script
application/x-javascript 182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://sslwidget.criteo.com/event?a=24259&v=5.37.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&bundle=fXNwX196ZEJ2ZXFWUjU5ejJ3ZjlNWjZYRHhFWUg4S0FXdCUyQmg1azZoWGp4SUtKSWZMbEtEanNnSFJhdFNsJTJGNENueVZ6ZDIzSm55JTJGVyUyQkUlMkZJakZ0cUFsSXFwWmNqJTJGcjVLNjk0SmExR3JtNlMlMkZpbzNrOXhUUWdPb1YlMkZoYVdoTXRPejJ0JTJGQWFyRGV0aEJGQUNibGNYU3I3TVdybnclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1745572846697.921218279429259436%22%7D&tld=refa.net&fu=https%253A%252F%252Fwww.refa.net%252F&ceid=b2e66388-5244-4f1b-ada7-c09ea44b578c

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4c70642b2f2405a01887ba7872c31b86e0e8c6b0d9919082d992e6ff493aa394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7779672
expires: 0
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/x-javascript
server: Kestrel

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 330 KB
113 KB 99ms
98ms Script
application/javascript 142.251.42.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10974633921&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.200 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

84a7719cc023e5cf673789a34abc6c5368232304ee01ec830a319354d5adf101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Fri, 25 Apr 2025 09:20:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 115611
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 330 KB
113 KB 149ms
149ms Script
application/javascript 142.251.42.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10974633921

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.200 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

15e30a5c383d667eb756f277e8d51975850eb00f0ad1b04ad157701f75d712bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Fri, 25 Apr 2025 09:20:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 115588
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK conversion_async.js Show response
b99.yahoo.co.jp/pagead/ 62 KB
23 KB 79ms
62ms Script
text/javascript 182.22.30.204
YAHOO Yahoo Japan...

General

Check archive.org

Download Go to

Full URL

https://b99.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

521ffb719d3a151ff80f1d59ffa16a6fbf3c128828cbd66c717ae0c3f73758b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Content-Encoding: br
ETag: 2076975532811082731
Age: 2
X-Content-Type-Options: nosniff
Expires: Fri, 25 Apr 2025 09:20:46 GMT
Date: Fri, 25 Apr 2025 09:20:46 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Disposition: attachment; filename="f.txt"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
X-XSS-Protection: 0
Server: cafe

GET
H2 200 bat.js Show response
bat.bing.com/ 51 KB
15 KB 45ms
26ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.8.js?utv=ut4.49.202305240135

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

759043dafa55d63c0788faf5611e14607e598d740d5bc64ecc772d841014d04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "02e6b8458a2db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E26C1B9BC10445C9F5DCB554B7CBF55 Ref B: TYO201151003025 Ref C: 2025-04-25T09:20:46Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14711
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript
last-modified: Mon, 31 Mar 2025 16:18:20 GMT
vary: Accept-Encoding

GET
H2 200 itm.js Show response
dmp.im-apps.net/js/1012284/0001/ 7 KB
3 KB 122ms
3ms Script
text/javascript 2600:140b:1a00:23::173f:e91f
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://dmp.im-apps.net/js/1012284/0001/itm.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.6.js?utv=ut4.49.202210270538
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:23::173f:e91f Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: de313643df0360a13d94fb9583114305bc3fd804ee4ce9df5d396a3c3d00200d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

x-amz-replication-status: PENDING
cache-control: max-age=1762
content-encoding: gzip
etag: "b2d11c6dc8064f4596be8bc658ca6a09"
x-amz-version-id: 5OoGFgxevpBYogArCo._PSYXGzoRitWf
expires: Fri, 25 Apr 2025 09:50:09 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3039
p3p: CP="NOI PSD OTR"
date: Fri, 25 Apr 2025 09:20:47 GMT
last-modified: Mon, 10 Mar 2025 05:45:56 GMT
content-type: text/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774046165/ 5 KB
2 KB 156ms
155ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774046165/?random=1745572846938&cv=11&fst=1745572846938&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774046165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

c196db22c9b04316ea703c62bfde5d7d23849746391241e6e4e7b6832f7616ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2021
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 774046165 Show response
td.doubleclick.net/td/rul/ Frame CA8E 26 KB
2 KB 17ms
16ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/774046165?random=1745572846938&cv=11&fst=1745572846938&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774046165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

bc168df3e06eb5270ee21298056bd5b7f79c8716ff2cdb96545867ad6a24af1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 2373
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 505248416521218 Show response
connect.facebook.net/signals/config/ 32 KB
4 KB 4ms
3ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/505248416521218?v=2.9.199&r=stable&domain=www.refa.net&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119%2C213%2C212%2C214%2C219%2C220%2C221%2C217%2C201%2C140%2C173%2C200%2C202%2C250%2C176%2C234%2C129%2C167%2C154%2C137%2C247%2C123%2C144%2C130%2C197%2C120%2C159%2C136

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

de59b24ff3b0d08ea52d3a8ba27b98b01e49702e25cebaeca12641a678564325

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src data: 'nonce-8TmSlFfV' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src data: 'nonce-8TmSlFfV' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=101, mss=1232, tbw=100823, tp=97, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: hLvKGmPIeOcm2WqYEKaikVZgT/HYmS0abUWfE9X2Z2Xt1WszbO7s9Bi2FwF2qCP36npvdTDK0K7atrVbWE0tww==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: *;script-src 'nonce-8TmSlFfV' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 4468
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 4ms
4ms Script
application/javascript 2600:9000:26ef:2a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtg/refa-net/202504020905&cb=1745572846952
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:2a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag: "7bc0ee636b3b83484fc3b9348863bd22"
age: 431
x-cache: Hit from cloudfront
x-amz-cf-id: Z1J6HNq4ObwYiv5fdRMGzFEkp1BnV50l9rlCNhuzgDmCo2MrD10dfg==
date: Fri, 25 Apr 2025 09:13:36 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
cache-control: max-age=300
via: 1.1 5f1822aafd04742a6e2a74df1017e234.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2
x-amz-cf-pop: NRT12-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

google
px.ladsp.com/match/ Frame 3D0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=Ab7ZOQs0F0VBks8AKJCcS1ZW18A&logicad_uid=Ab7ZOQs0F0VBks8AKJCcS1ZW18A&svid=03
https://px.ladsp.com/match/google?logicad_uid=Ab7ZOQs0F0VBks8AKJCcS1ZW18A&svid=03&google_gid=CAESEI6sJBjDLz9dqnPg8D7dU1s&google_cver=1

43 B
283 B

12ms
3ms

Image
image/gif

54.250.66.208
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://px.ladsp.com/match/google?logicad_uid=Ab7ZOQs0F0VBks8AKJCcS1ZW18A&svid=03&google_gid=CAESEI6sJBjDLz9dqnPg8D7dU1s&google_cver=1
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: H2
Server: 54.250.66.208 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-66-208.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

expires: -1
cache-control: private, no-store, no-cache, must-revalidate
content-length: 43
date: Fri, 25 Apr 2025 09:20:47 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

cache-control: no-cache, must-revalidate
location: https://px.ladsp.com/match/google?logicad_uid=Ab7ZOQs0F0VBks8AKJCcS1ZW18A&svid=03&google_gid=CAESEI6sJBjDLz9dqnPg8D7dU1s&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 343
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 3D0D
Redirect Chain

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw

43 B
171 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 146.70.201.221
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: image/gif
vary: Accept

Redirect headers

location: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
x-forwarded-for: 146.70.201.221
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/plain; charset=utf-8
vary: Origin

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3D0D 0
225 B 30ms
5ms Image
text/html 207.65.34.80
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Fri, 25 Apr 2025 09:20:38 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2

200

bounce
ib.adnxs.com/ Frame 3D0D
Redirect Chain

https://ib.adnxs.com/setuid?entity=276&code=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw

43 B
1 KB

77ms
77ms

Image
image/gif

103.43.90.178
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68

Protocol

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.221; 146.70.201.221; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 34881f94-9e4c-4541-aa36-919368665e7c
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 146.70.201.221; 146.70.201.221; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: d4de16af-2b92-4a55-bebf-d70864c6e405
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 hs
s-cs.send.microad.jp/ Frame 3D0D 43 B
563 B 500ms
138ms Image
image/gif 202.233.84.8
MICROAD MicroAd

General

Check archive.org

Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=logicad_2&id=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dWA

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

strict-transport-security: max-age=31536000
timing-allow-origin: *
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
server: nginx
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control

GET
H2 200 /
sync.ad-stir.com/ Frame 3D0D 43 B
359 B 61ms
6ms Image
image/gif 3.113.227.140
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=LOGICAD&uid=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.113.227.140 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-227-140.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

cache-control: max-age=300
content-length: 43
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif

GET
H2

200

actualizar
penta.a.one.impact-ad.jp/psm/1.0/ Frame 3D0D
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
https://y.one.impact-ad.jp/cs?d=105&uid=59a64a89-ce73-4936-a30a-d8de712ecf9e&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=
https://y.one.impact-ad.jp/ul_cb/cs?d=105&uid=59a64a89-ce73-4936-a30a-d8de712ecf9e&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

42 B
336 B

159ms
48ms

Image
image/gif

107.178.248.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL

https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68

Protocol

Server

107.178.248.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.248.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
server: nginx

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:47 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 3D0D 42 B
1 KB 400ms
87ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=143202&nid=4016&expires=30&put=Ab7ZOQs0F0VBks8AKJCcS1ZW1xA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: cc2b9026541f49c9c095b4cedfcedb9a
Pragma: no-cache
content-length: 42
Content-Type: image/gif

GET
H/1.1 200
OK sync
ssl.socdm.com/rtb/ Frame 3D0D 43 B
821 B 143ms
12ms Image
image/gif 124.146.153.165
INFOSPHERE NTT PC...

General

Check archive.org

Download Go to Show image

Full URL: https://ssl.socdm.com/rtb/sync?proto=adgen&dspid=12
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.153.165 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

Cache-Control: private
X-SO-Cluster-ID: 0
X-SO-LB-Hostname: m-ng7.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=12","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.221","key":"aAtT78Co8GsAAETDzLIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1052"}
X-SO-Upstream-ID: m-ad1052
X-SO-HostName: m-ad1052.dc4p.scaleout.jp
Connection: keep-alive
X-SO-IP: 146.70.201.221
X-SO-Key: aAtT78Co8GsAAETDzLIAAAAA
Content-Length: 43
P3P: CP="See also http://www.scaleout.jp/privacy/"
Date: Fri, 25 Apr 2025 09:20:47 GMT
X-SO-Ads-Time: 1
Content-Type: image/gif
Server: nginx

GET
H2 200 /
cs.adingo.jp/sync/ Frame 3D0D 43 B
409 B 28ms
6ms Image
image/gif 13.114.11.148
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=logicad&id=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dYA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.11.148 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-11-148.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date: Fri, 25 Apr 2025 09:20:47 GMT
pragma: no-cache
content-type: image/gif
server: nginx

GET
H2 200 /
sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/ Frame 3D0D 0
375 B 271ms
57ms Image
text/plain 141.226.231.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to Show image

Full URL: https://sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/?taboola_hm=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dZQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

x-fastly-to-nlb-rtt: 55303
date: Fri, 25 Apr 2025 09:20:47 GMT
server: nginx
access-control-allow-credentials: true

GET
H/1.1 200
OK cookiesync
adn.caprofitx.com/v1/ Frame 3D0D 35 B
567 B 98ms
6ms Image
image/gif 52.196.43.105
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://adn.caprofitx.com/v1/cookiesync?logicad_uid=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dZw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.43.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-43-105.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

Content-Length: 35
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

GET
H2 403 cs
cs.gssprt.jp/yie/ld/ Frame 3D0D 82 B
82 B 24ms
5ms Image
application/octet-stream 203.137.133.154
IDCF IDC Frontier...

General

Check archive.org

Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=logicad&uid=Ab7ZOQs0F0VBks8AKJCcS1ZW1xw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.137.133.154 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

content-length: 82
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: application/octet-stream
server: nginx
cross-origin-resource-policy: cross-origin

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 3D0D 0
360 B 238ms
79ms Image
text/plain 172.188.170.32
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=logicad&uid=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dag

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

172.188.170.32 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Fri, 25 Apr 2025 09:20:47 GMT
x-traceid: 4cd42894fe58366198edf518254fd3c8

GET
H2 200 sync.ad
sp.gmossp-sp.jp/ads/ Frame 3D0D 43 B
515 B 31ms
9ms Image
image/gif 35.201.98.24
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL

https://sp.gmossp-sp.jp/ads/sync.ad?dsp=logicad&dspuid=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dbA

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

24.98.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
via: 1.1 google
expires: Fri, 25 Apr 2025 10:20:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
x-cloud-trace-context: 2f353bc7173fe514c08fb8a950036bf5
server: Google Frontend

GET
H/1.1 200 cs
discoveryplus.popin.cc/popin_discovery/ Frame 3D0D 35 B
469 B 40ms
11ms Image
image/gif 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Download Go to Show image

Full URL: https://discoveryplus.popin.cc/popin_discovery/cs?pid=logicad&puid=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dbg
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Length: 35
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: image/gif
Server: nginx/1.13.5
Connection: keep-alive

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame 3D0D 42 B
833 B 54ms
12ms Image
image/gif 18.172.52.72
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=29&uid=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_ddg

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.52.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-52-72.nrt20.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: VlK4aKZziJog8MFt-4YDGAL4k7nidGLQGaHwja_68Ju0KN_LzAqpbg==
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
via: 1.1 e9b294e06b5f3217927a97fd8cf6f922.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 42
x-xss-protection: 0
x-amz-cf-pop: NRT20-P2

GET
H2 200 sync
partners.tremorhub.com/ Frame 3D0D 43 B
175 B 624ms
170ms Image
image/gif 2600:1f10:4ce4:4a02:8a21:b52c:f946:1a6c
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UILD=AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_ddw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745572846718&svid=68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f10:4ce4:4a02:8a21:b52c:f946:1a6c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://um.ladsp.com/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
server: nginx

GET
H3 200 /
www.google.com/pagead/1p-user-list/774022946/ 42 B
64 B 6ms
6ms Image
image/gif 216.58.220.100
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774022946/?random=1745572846799&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyztqV0dBJIbBQ9ijhD1V6I33Dsvv-GFb_3rhetwz0PNgctD0I5&random=404546111&rmt_tld=0&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/774022946/ 42 B
64 B 7ms
7ms Image
image/gif 172.217.31.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/774022946/?random=1745572846799&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyztqV0dBJIbBQ9ijhD1V6I33Dsvv-GFb_3rhetwz0PNgctD0I5&random=404546111&rmt_tld=1&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 26ms
15ms Fetch
text/javascript 202.239.3.249
YAHOO Yahoo Japan...

General

Check archive.org

Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=F575CXIWEQ&label=&ref=https%3A%2F%2Fwww.refa.net%2F&rref=&pt=&item=&cat=&price=&quantity=&et_optout=false&r=1745572847.9149349&pvid=1969hnll5p9m9wl04la&su=18001034-f125-4ec5-aa0e-5cd89648fc26&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.239.3.249 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

access-control-expose-headers: X-Z-Burls
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*, unload=()
access-control-allow-origin: https://www.refa.net
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

dc_pre=CNiF7cvt8owDFQ7yFgUdNOgFYg;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v919... Show response
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu...
https://ad.doubleclick.net/activity;dc_pre=CNiF7cvt8owDFQ7yFgUdNOgFYg;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
https://adservice.google.com/ddm/fls/z/dc_pre=CNiF7cvt8owDFQ7yFgUdNOgFYg;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...

42 B
63 B

90ms
45ms

Fetch
image/gif

142.250.196.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNiF7cvt8owDFQ7yFgUdNOgFYg;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;~oref=https%3A%2F%2Fwww.refa.net%2F

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/dc_pre=CNiF7cvt8owDFQ7yFgUdNOgFYg;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;~oref=https%3A%2F%2Fwww.refa.net%2F
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2

200

activityi;dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f... Show response
10707063.fls.doubleclick.net/ Frame 391D
Redirect Chain

https://10707063.fls.doubleclick.net/activityi;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
https://10707063.fls.doubleclick.net/activityi;dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=...

814 B
630 B

47ms
46ms

Document
text/html

142.250.207.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://10707063.fls.doubleclick.net/activityi;dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10707063&l=dataLayer&cx=c&gtm=45je54n0v889117918za200zb77419047&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f6.1e100.net

Software

cafe /

Resource Hash

f9dba462d380b6ca44cf58feec02c6627e82baba075ec698722053efca925b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:47 GMT
expires: Fri, 25 Apr 2025 09:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10707063.fls.doubleclick.net/activityi;dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activityi;fledge=1;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0... Show response
td.doubleclick.net/td/fls/rul/ Frame A6AC 13 B
38 B 8ms
7ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tr
www.facebook.com/ 0
16 B 3ms
2ms Image
text/plain 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr?id=482992555229961&ev=PageView&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&eid=95a9177120bd4198bb9b4123492f36c2&cd[application_id]=423936147658676&ud[external_id]=eb511cba43fbe67e4730e65313188b7a6333990d9366f1b8f6254370b33c2087&fbp=fb.1.1745572846697.921218279429259436&cd[p_id]=24259&cd[is_app_event]=n&dl=https%3A%2F%2Fwww.refa.net%2F

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=29, mss=1232, tbw=12499, tp=29, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 27ms
25ms Fetch
text/javascript 202.239.3.249
YAHOO Yahoo Japan...

General

Check archive.org

Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=UHWDCG97KB&label=&ref=https%3A%2F%2Fwww.refa.net%2F&rref=&pt=&item=&cat=&price=&quantity=&et_optout=false&r=1745572847.9309287&pvid=1969hnll5p9m9wl04la&su=18001034-f125-4ec5-aa0e-5cd89648fc26&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.239.3.249 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

access-control-expose-headers: X-Z-Burls
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*, unload=()
access-control-allow-origin: https://www.refa.net
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 6ms
4ms Image
text/plain 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=505248416521218&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745572847049&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4126&fbp=fb.1.1745572846697.921218279429259436&ler=empty&cdl=API_unavailable&it=1745572846647&coo=false&eid=27f3b689b52a403d1d14ae845931ce4d&tm=1&exp=k2&rqm=GET

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=30, mss=1232, tbw=12835, tp=34, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 159ms
157ms Image
image/png 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=505248416521218&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745572847049&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4126&fbp=fb.1.1745572846697.921218279429259436&ler=empty&cdl=API_unavailable&it=1745572846647&coo=false&eid=27f3b689b52a403d1d14ae845931ce4d&tm=1&exp=k2&rqm=FGET

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-5R7whKrD' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497178290959781847&cpp=C3e&cv=1022232475&st=1745572847127"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 7hrpQHP6j68jxeDDm5gCYBPjhXUem1zKWRtc0bZSWH6tIYBbPWd1WgE2JV0IO1RF9ixFEGyDWiTI4qxwXmHPjg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497178290959781847&cpp=C3e&cv=1022232475&st=1745572847127", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-5R7whKrD' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=30, mss=1232, tbw=13290, tp=40, tpl=0, uplat=155, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 5ms
3ms Image
text/plain 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=980253745499760&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745572847051&sw=1600&sh=1200&v=2.9.199&r=stable&ec=1&o=4126&fbp=fb.1.1745572846697.921218279429259436&ler=empty&cdl=API_unavailable&it=1745572846647&coo=false&eid=315ffd9a5603008091d5b8b73e7872b2&tm=1&exp=k2&rqm=GET

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=30, mss=1232, tbw=13027, tp=36, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 169ms
168ms Image
image/png 157.240.31.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=980253745499760&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745572847051&sw=1600&sh=1200&v=2.9.199&r=stable&ec=1&o=4126&fbp=fb.1.1745572846697.921218279429259436&ler=empty&cdl=API_unavailable&it=1745572846647&coo=false&eid=315ffd9a5603008091d5b8b73e7872b2&tm=1&exp=k2&rqm=FGET

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-lu3UcX5P' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497178292151230033&cpp=C3&cv=1022232475&st=1745572847133"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BstHHgU7w3zvkNpcRzR7Go+kYBHWu11lc2DnsygkB9daOq53i0T9uM18nH0p7dv9b48ZFFka0+nKJY6Nj0ruyA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497178292151230033&cpp=C3&cv=1022232475&st=1745572847133", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-lu3UcX5P' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=32, mss=1232, tbw=15802, tp=43, tpl=0, uplat=165, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.google.com/pagead/1p-user-list/774025335/ 42 B
64 B 8ms
7ms Image
image/gif 216.58.220.100
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774025335/?random=1745572846850&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzY_fXLw3dwb5KHusIkunnjecV48H9vLgwDchunI0C4TVGp1o0&random=334333699&rmt_tld=0&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/774025335/ 42 B
64 B 8ms
7ms Image
image/gif 172.217.31.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/774025335/?random=1745572846850&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzY_fXLw3dwb5KHusIkunnjecV48H9vLgwDchunI0C4TVGp1o0&random=334333699&rmt_tld=1&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 187039622.js Show response
bat.bing.com/p/action/ 7 KB
3 KB 24ms
23ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://bat.bing.com/p/action/187039622.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ecd899b23b5480c354a38a0a3792aa8b267dd59c93a874d71993696b0a9dc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0970708FD3604E33834B5B36B8AF1626 Ref B: TYO201151003025 Ref C: 2025-04-25T09:20:47Z
x-cache: CONFIG_NOCACHE
date: Fri, 25 Apr 2025 09:20:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 /
www.google.com/pagead/1p-user-list/774046165/ 42 B
64 B 10ms
10ms Image
image/gif 216.58.220.100
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774046165/?random=1745572846885&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzVtoW19W7xmT9cZV7QTnUBMUpQT_PJJ1iHB3FDr_kOHiHvjYC&random=378255513&rmt_tld=0&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/774046165/ 42 B
64 B 10ms
9ms Image
image/gif 172.217.31.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/774046165/?random=1745572846885&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzVtoW19W7xmT9cZV7QTnUBMUpQT_PJJ1iHB3FDr_kOHiHvjYC&random=378255513&rmt_tld=1&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001260589/ 42 B
742 B 26ms
21ms Image
image/gif 182.22.30.204
YAHOO Yahoo Japan...

General

Check archive.org

Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001260589/?random=1745572847072&cv=9&fst=1745572847072&num=1&fmt=3&guid=ON&disvt=false&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001047227/ 42 B
742 B 27ms
20ms Image
image/gif 182.22.30.204
YAHOO Yahoo Japan...

General

Check archive.org

Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001047227/?random=1745572847076&cv=9&fst=1745572847076&num=1&fmt=3&guid=ON&disvt=false&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

GET
H2 200 topics
b6.im-apps.net/ 14 B
0 31ms
7ms Fetch
application/json 2600:1901:0:d706::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://b6.im-apps.net/topics
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/1012284/0001/itm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:d706:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: private, no-store
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://www.refa.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: application/json

GET
H/1.1 200
OK segment Show response
sync6.im-apps.net/1012284/ 2 KB
3 KB 54ms
30ms XHR
application/json 2600:140b:6c00:48::1735:344
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://sync6.im-apps.net/1012284/segment?token=X19pbV9zaWRzMA
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/1012284/0001/itm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:6c00:48::1735:344 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: faaaa20ec2e395dc630c7d9019688df002cb00744f4fff1f4e3f901eaedecf5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Cache-Control: private, max-age=1800
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.refa.net
Content-Length: 2521
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: application/json
Vary: Origin

GET
H2

200

2fURsk
b.im-apps.net/pv/
Redirect Chain

https://b6.im-apps.net/pv/2fURsk?cid=1012284&url=https%3A%2F%2Fwww.refa.net%2F&ref=&title=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%...
https://b.im-apps.net/pv/2fURsk?cid=1012284&ehid=VkJyglsOAZfKah1Y&lang=ja-jp&ref&title=ReFa+%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82...

43 B
565 B

66ms
6ms

Image
image/gif

34.49.1.209
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://b.im-apps.net/pv/2fURsk?cid=1012284&ehid=VkJyglsOAZfKah1Y&lang=ja-jp&ref&title=ReFa+%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88+%7C+%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&url=https%3A%2F%2Fwww.refa.net%2F
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Server: 34.49.1.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 209.1.49.34.bc.googleusercontent.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
location: https://b.im-apps.net/pv/2fURsk?cid=1012284&ehid=VkJyglsOAZfKah1Y&lang=ja-jp&ref&title=ReFa+%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88+%7C+%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&url=https%3A%2F%2Fwww.refa.net%2F
content-length: 151
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: text/html

GET
H2 200 187039622 Show response
www.clarity.ms/tag/uet/ 865 B
1 KB 188ms
171ms Script
application/x-javascript 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://www.clarity.ms/tag/uet/187039622?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187039622.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7056cadddfb827921163a97671f6e02142116e0dbcfe568208b63335a5ced7dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 865
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: application/x-javascript
x-azure-ref: 20250425T092047Z-1754b9cc9cb7mv66hC1TYOa5zw0000000e7g00000001knph

GET
H2 204 0
bat.bing.com/action/ 0
232 B 75ms
73ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187039622&Ver=2&mid=92969751-e6ec-4141-9b38-cbf4f6b56164&bo=1&sid=924feb0021b611f0a4add7728e51d341&vid=924ff13021b611f0ba03b1ba71961c85&vids=1&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&tl=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&kw=ReFa,%E3%83%AA%E3%83%95%E3%82%A1,MTG,%E6%A6%AE%E5%80%89%E5%A5%88%E3%80%85,%E5%B1%B1%E7%94%B0%E8%A3%95%E8%B2%B4,%E7%BE%8E%E9%A1%94%E3%83%AD%E3%83%BC%E3%83%A9%E3%83%BC,%E7%BE%8E%E5%AE%B9%E3%83%AD%E3%83%BC%E3%83%A9%E3%83%BC,%E6%B4%97%E9%A1%94,%E7%BE%8E%E5%AE%B9%E6%B6%B2,%E5%8C%96%E7%B2%A7%E6%B0%B4,%E7%BE%8E%E5%AE%B9%E7%BF%92%E6%85%A3,%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF,%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3,%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF,%E9%A0%AD%E7%9A%AE,%E7%82%AD%E9%85%B8,%E7%82%AD%E9%85%B8%E3%83%9F%E3%82%B9%E3%83%88,%E3%83%AA%E3%83%95%E3%83%88%E3%82%A2%E3%83%83%E3%83%97,%E3%81%9F%E3%82%8B%E3%81%BF%E6%94%B9%E5%96%84,%E8%82%8C,%E3%81%8A%E3%81%86%E3%81%A1%E7%BE%8E%E5%AE%B9,%E3%82%AD%E3%83%AC%E3%82%A4,%E7%B6%BA%E9%BA%97,%E7%BE%8E%E3%81%97%E3%81%95,%E3%81%8B%E3%82%8F%E3%81%84%E3%81%84,%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91,%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2,%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC,%E3%83%98%E3%82%A2%E3%82%A2%E3%82%A4%E3%83%AD%E3%83%B3&p=https%3A%2F%2Fwww.refa.net%2F&r=&lt=468&evt=pageLoad&sv=1&cdb=AQwT&rn=471306

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4079EE65C7494A06B88470AE2973D045 Ref B: TYO201151003025 Ref C: 2025-04-25T09:20:47Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 25 Apr 2025 09:20:46 GMT

GET
H2 204 0
bat.bing.com/action/ 0
362 B 23ms
21ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187039622&Ver=2&mid=92969751-e6ec-4141-9b38-cbf4f6b56164&bo=2&sid=924feb0021b611f0a4add7728e51d341&vid=924ff13021b611f0ba03b1ba71961c85&vids=0&msclkid=N&pagetype=home&en=Y&p=https%3A%2F%2Fwww.refa.net%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQwT&rn=190692

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 803FE21DBC134ABDB7F75CD16605EA09 Ref B: TYO201151003025 Ref C: 2025-04-25T09:20:47Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 25 Apr 2025 09:20:46 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/774046165/ 42 B
64 B 7ms
6ms Image
image/gif 216.58.220.100
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774046165/?random=1745572846938&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzMFjkh9bKzlaSiA7NHjRQMjkrHxFpwM_tFUv33JvFTGh6BhDh&random=1221915526&rmt_tld=0&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/774046165/ 42 B
64 B 10ms
8ms Image
image/gif 172.217.31.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/774046165/?random=1745572846938&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzMFjkh9bKzlaSiA7NHjRQMjkrHxFpwM_tFUv33JvFTGh6BhDh&random=1221915526&rmt_tld=1&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974633921/ 5 KB
2 KB 61ms
61ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10974633921/?random=1745572847150&cv=11&fst=1745572847150&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10974633921&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

db18894477b9adf3bb7cbd717cd14cf77b18827fb6f57ca92b40a8e065ab7480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2047
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 10974633921 Show response
td.doubleclick.net/td/rul/ Frame ADBA 11 KB
2 KB 13ms
12ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/10974633921?random=1745572847150&cv=11&fst=1745572847150&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

90bd413f9a64c95501976df47ad94702efade170018846977d66a086aa97725f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 1552
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974633921/ 5 KB
2 KB 96ms
96ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10974633921/?random=1745572847204&cv=11&fst=1745572847204&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

54a6e3d48c01389588bed37b054d563d56b6b6fe980bc8e086148c80488df4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2048
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 10974633921 Show response
td.doubleclick.net/td/rul/ Frame B280 11 KB
2 KB 16ms
15ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/10974633921?random=1745572847204&cv=11&fst=1745572847204&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1cd9fbd562188e62f5cc582f1aa282277238efcfcd7d0a1bfdabedeb9805dd38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 1551
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 332 KB
113 KB 63ms
63ms Script
application/javascript 142.251.42.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284

Requested by

Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/1012284/0001/itm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.200 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0bfeb4995ea62040453ba709f72d8015acbbb94a10807e1a3388729e27c41235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
expires: Fri, 25 Apr 2025 09:20:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1310:0
content-length: 115827
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 /
www.google.com/pagead/1p-user-list/10974633921/ 42 B
64 B 7ms
6ms Image
image/gif 216.58.220.100
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10974633921/?random=1745572847150&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzW7y_VDDw2_kNez0T-5kA4bmRygUdU93tslTissKERLlFA3wt&random=1934726442&rmt_tld=0&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/10974633921/ 42 B
64 B 7ms
6ms Image
image/gif 172.217.31.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/10974633921/?random=1745572847150&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzW7y_VDDw2_kNez0T-5kA4bmRygUdU93tslTissKERLlFA3wt&random=1934726442&rmt_tld=1&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v919...
adservice.google.com/ddm/fls/z/ Frame 391D 42 B
63 B 93ms
45ms Image
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F

Requested by

Host: 10707063.fls.doubleclick.net
URL: https://10707063.fls.doubleclick.net/activityi;dc_pre=CI-s9Mvt8owDFeyG6QUdv7o4Kw;src=10707063;type=220501;cat=2205_0;ord=1;num=2215576396758;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za200zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001;epver=2;dc_random=1745572846992;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://10707063.fls.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.8.1/ 70 KB
29 KB 4ms
4ms Script
application/javascript 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://www.clarity.ms/s/0.8.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187039622?insights=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2e914ba245ff42449ed9ad8103d185ec7f8ddf5896a1b1a1b9c0a5427893c420

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

x-azure-ref: 20250425T092047Z-1754b9cc9cb7mv66hC1TYOa5zw0000000e7g00000001knrc
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD6722E0B7F6F4"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 97c7b7c8-d01e-007a-76c4-ac339b000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 19 Mar 2025 20:16:05 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10974633921/ 42 B
64 B 6ms
6ms Image
image/gif 216.58.220.100
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10974633921/?random=1745572847204&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzZq1J8xsoiTpkTFR4iT7D72ngsihy2Mhoo6gKVdrcowpw8QXn&random=2170527730&rmt_tld=0&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/10974633921/ 42 B
64 B 7ms
6ms Image
image/gif 172.217.31.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/10974633921/?random=1745572847204&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=457986581.1745572846&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzZq1J8xsoiTpkTFR4iT7D72ngsihy2Mhoo6gKVdrcowpw8QXn&random=2170527730&rmt_tld=1&ipr=y

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK /
b97.yahoo.co.jp/pagead/conversion/1001047234/ 42 B
742 B 37ms
34ms Image
image/gif 182.22.30.204
YAHOO Yahoo Japan...

General

Check archive.org

Download Go to Show image

Full URL

https://b97.yahoo.co.jp/pagead/conversion/1001047234/?random=1745572847398&cv=9&fst=1745572847398&num=1&fmt=3&guid=ON&disvt=false&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

GET
H2 200 log.2.js Show response
dmp.im-apps.net/sdk/ 71 KB
23 KB 24ms
23ms Script
text/javascript 2600:140b:1a00:23::173f:e91f
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://dmp.im-apps.net/sdk/log.2.js
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:23::173f:e91f Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 41a3a830e07e40cdbf135818a398d3b439a1b5e7a6d5b1e3c4112a06b5d63fb6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
content-encoding: gzip
etag: "4dcde26c5f4ff9f3eb79962a77d10a4a"
x-amz-version-id: qfyT9NNLsCm.Oon0dNwAOJ3UjhRxObwo
expires: Fri, 25 Apr 2025 12:20:47 GMT
accept-ranges: bytes
content-length: 22961
p3p: CP="NOI PSD OTR"
date: Fri, 25 Apr 2025 09:20:47 GMT
last-modified: Tue, 19 Sep 2023 16:24:17 GMT
content-type: text/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 281 KB
99 KB 50ms
50ms Script
application/javascript 142.251.42.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12693547&l=itm_dl1_1012284&cx=c&gtm=45He54n0v896570462za200&tag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.200 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8874e48a579600823ed18b028068ff8588dc63edea823cd83eca0b75674812e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 25 Apr 2025 09:20:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
content-length: 101196
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK fraud Show response
sync6.im-apps.net/v1/ 28 B
791 B 29ms
29ms XHR
application/json 2600:140b:6c00:48::1735:344
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://sync6.im-apps.net/v1/fraud?escv_id=31871
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:6c00:48::1735:344 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 74a8928649d9a790c33200230bcac1405bc83a4954fab1658994bd9d4a91b2ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Cache-Control: private, max-age=1800
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.refa.net
Content-Length: 28
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: application/json
Vary: Origin

GET
H2 200 mk Show response
bypass.ad-stir.com/ 1 KB
742 B 58ms
6ms Script
application/x-javascript 52.194.129.118
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bypass.ad-stir.com/mk?p=174145
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.194.129.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-129-118.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: b4fe853a4a242eb2611be36071d11446d5fa7ce6542173623d57d31cf4451edc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-store
content-length: 492
content-encoding: gzip
date: Fri, 25 Apr 2025 09:20:47 GMT
p3p: CP="CAO PSA OUR"
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 mk Show response
bypass.ad-stir.com/ 1 KB
740 B 61ms
9ms Script
application/x-javascript 52.194.129.118
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bypass.ad-stir.com/mk?p=174153
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.194.129.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-129-118.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e2f4ab919fb945d7759912286e53177d359d1fbaac2c03953e2cdbc71e1cce29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-store
content-length: 491
content-encoding: gzip
date: Fri, 25 Apr 2025 09:20:47 GMT
p3p: CP="CAO PSA OUR"
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 mk Show response
bypass.ad-stir.com/ 1 KB
741 B 89ms
37ms Script
application/x-javascript 52.194.129.118
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bypass.ad-stir.com/mk?p=174154
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.194.129.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-129-118.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: b4fe853a4a242eb2611be36071d11446d5fa7ce6542173623d57d31cf4451edc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-store
content-length: 492
content-encoding: gzip
date: Fri, 25 Apr 2025 09:20:47 GMT
p3p: CP="CAO PSA OUR"
content-type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 16 KB
7 KB 29ms
5ms Script
application/javascript 3.165.18.96
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.18.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-18-96.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3856ad2d466bb48b721dd6ce633740f10d9a8f1175e04303e320692c80e65f00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"c983f10c81b415129d0b1ff58b2f9513"
Age: 6886
Connection: keep-alive
Via: 1.1 c25e2ec3018a19622fe1511130eacf82.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: h9hhGZpStlbSaHCOctA4GfiqSvd5pitmG0kCqmC31tJ_tJxAK6faqg==
Date: Fri, 25 Apr 2025 07:26:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Apr 2025 07:23:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2 200 /
atb.im-apps.net/a/imsync/1012284/10091495/ 43 B
231 B 20ms
6ms Image
image/gif 2600:1901:0:2dbc::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://atb.im-apps.net/a/imsync/1012284/10091495/?token=a73d9558d932212d1bf1cae414fabe5b
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:2dbc:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

GET
H2 200 targeting
b6.im-apps.net/1012284/site/ 43 B
511 B 6ms
5ms Image
image/gif 2600:1901:0:d706::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://b6.im-apps.net/1012284/site/targeting
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:d706:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

GET
H2 200 cart
b6.im-apps.net/1012284/site/ 43 B
428 B 6ms
6ms Image
image/gif 2600:1901:0:d706::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://b6.im-apps.net/1012284/site/cart
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:d706:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
276 B 664ms
319ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.refa.net/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://www.refa.net
Date: Fri, 25 Apr 2025 09:20:48 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 tracker
b.im-apps.net/ 0
418 B 7ms
5ms Ping
text/plain 34.49.1.209
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://b.im-apps.net/tracker
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/log.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.1.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 209.1.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://www.refa.net/

Response headers

via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.refa.net
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 09:20:47 GMT
access-control-allow-credentials: true

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://bypass.ad-stir.com/push_sync
https://sp.gmossp-sp.jp/ads/sync.ad?dsp=bypass&uid=8989abb1-66f5-478b-8f90-559901c56fde
https://bypass.ad-stir.com/receive_sync?ssp=gmo&uid=R4L1ISXwNx2Cutvk
https://cm.g.doubleclick.net/pixel?google_nid=united_bypass&google_hm=iYmrsWb1R4uPkFWZAcVv3g&google_redir=https%3A%2F%2Fbypass.ad-stir.com%2Freceive_sync%3Fssp%3Dgoogle_hosted_match%26google_gid%3D...
https://bypass.ad-stir.com/receive_sync?ssp=google_hosted_match&google_gid=hosted_match
https://cm.g.doubleclick.net/pixel?google_nid=united_bypass&uid=8989abb1-66f5-478b-8f90-559901c56fde&google_ula=439954433&google_cm
https://bypass.ad-stir.com/receive_sync?ssp=google&uid=8989abb1-66f5-478b-8f90-559901c56fde&google_gid=CAESELC7KzMZS8vYoe0U2XzLnVU&google_cver=1&google_ula=439954433,0
https://adn.caprofitx.com/v1/cookiesync?bypass_uid=8989abb1-66f5-478b-8f90-559901c56fde
https://bypass.ad-stir.com/receive_sync?ssp=profitx&uid=01a145b2-6829-4348-970e-e0b7ef26906e
https://x.bidswitch.net/sync?dsp_id=204&user_id=8989abb1-66f5-478b-8f90-559901c56fde&expires=90

43 B
183 B

21ms
9ms

Image
image/gif

35.213.7.90
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=204&user_id=8989abb1-66f5-478b-8f90-559901c56fde&expires=90
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Server: 35.213.7.90 Tokyo, Japan, ASN19527 (GOOGLE-2, US),
Reverse DNS: 90.7.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=204&user_id=8989abb1-66f5-478b-8f90-559901c56fde&expires=90
content-length: 1
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: text/html; charset=utf-8

GET
H2 200 sd
u.openx.net/w/1.0/ 43 B
278 B 131ms
43ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=556681178&val=8989abb1-66f5-478b-8f90-559901c56fde
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 146.70.201.221
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
vary: Accept

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ 43 B
925 B 104ms
86ms Image
image/gif 124.146.153.167
INFOSPHERE NTT PC...

General

Check archive.org

Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=bypass_dsp&ssp_uid=8989abb1-66f5-478b-8f90-559901c56fde
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.153.167 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

X-SO-LB-Hostname: m-ng8.dc4p.scaleout.jp
P3P: CP="See also http://www.scaleout.jp/privacy/"
Date: Fri, 25 Apr 2025 09:20:47 GMT
Content-Type: image/gif
Cache-Control: private
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad1052
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=bypass_dsp&ssp_uid=8989abb1-66f5-478b-8f90-559901c56fde","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.221","key":"aAtT78Co8GsAAETDzLIAAAAA","privacy_sensitive":false,"uid":"aAtT78Co8GsAAETDzLIAAAAA","upstream_id":"m-ad1052"}
X-SO-HostName: m-ad1052.dc4p.scaleout.jp
Connection: keep-alive
X-SO-IP: 146.70.201.221
X-SO-Key: aAtT78Co8GsAAETDzLIAAAAA
Content-Length: 43
X-SO-Ads-Time: 81
X-SO-UID: aAtT78Co8GsAAETDzLIAAAAA
Server: nginx

GET
H3

200

crum
dsum.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=8989abb1-66f5-478b-8f90-559901c56fde
https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=8989abb1-66f5-478b-8f90-559901c56fde&C=1

43 B
754 B

26ms
26ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=8989abb1-66f5-478b-8f90-559901c56fde&C=1
Requested by: Host: www.refa.net
URL: https://www.refa.net/
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPHMBextxAl3EMM6a68rAUjTewYG%2FokLAEazyrvFTbxh1gvVqV7EmdTgdWJDMdBFrQ44%2FRu0wgMpVlgGmYf8LrIhnPNGDGAOMp8fEOtqRTbuUpYNqLIVvO9oPVJT7ISORFVoBZ5g"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 935cc4396d96e005-NRT
content-length: 43
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSt59ptMOhIWBxjL7GlqC8Hi6Rx5CGeoMKfVivnsJuDNjfc3bJP0qFaK7TxoNHdJCJVUiT%2B2cRGiVeEqNli%2FxSd0YUta4wWMik1LTAs3PvG7Jai0BwiDa%2F4pEU8g0Sr%2F6BicaYnJ"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 25 Apr 2025 09:20:47 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
location: /crum?cm_dsp_id=214&external_user_id=8989abb1-66f5-478b-8f90-559901c56fde&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 935cc4394d6ee005-NRT
content-length: 0
server: cloudflare

GET
H3

200

dc_pre=CND6jMzt8owDFTvGFgUdz7cfCg;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v918973... Show response
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=Kl...
https://ad.doubleclick.net/activity;dc_pre=CND6jMzt8owDFTvGFgUdz7cfCg;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
https://adservice.google.com/ddm/fls/z/dc_pre=CND6jMzt8owDFTvGFgUdz7cfCg;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...

42 B
63 B

47ms
46ms

Fetch
image/gif

142.250.196.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CND6jMzt8owDFTvGFgUdz7cfCg;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;~oref=https%3A%2F%2Fwww.refa.net%2F

Requested by

Host: www.refa.net
URL: https://www.refa.net/

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 25 Apr 2025 09:20:47 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"13212007692116168396"}],"aggregatable_trigger_data":[{"filters":[{"14":["13494218"]}],"key_piece":"0xd038c02c8d440002","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xc210aa75d43b1be5","not_filters":{"14":["13494218"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"10792151943100665908","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13212007692116168396","filters":[{"14":["13494218"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"13212007692116168396","filters":[{"14":["13494218"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"13212007692116168396","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"13212007692116168396","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12693547"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/dc_pre=CND6jMzt8owDFTvGFgUdz7cfCg;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;~oref=https%3A%2F%2Fwww.refa.net%2F
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

activityi;dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=... Show response
12693547.fls.doubleclick.net/ Frame 9903
Redirect Chain

https://12693547.fls.doubleclick.net/activityi;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
https://12693547.fls.doubleclick.net/activityi;dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;u...

792 B
616 B

53ms
49ms

Document
text/html

142.250.199.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://12693547.fls.doubleclick.net/activityi;dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12693547&l=itm_dl1_1012284&cx=c&gtm=45He54n0v896570462za200&tag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f6.1e100.net

Software

cafe /

Resource Hash

620e2edae90690b19d7b21b68960830c0845ec6d564e078287fb4cd24c6d506e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:47 GMT
expires: Fri, 25 Apr 2025 09:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12693547.fls.doubleclick.net/activityi;dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activityi;fledge=1;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v91... Show response
td.doubleclick.net/td/fls/rul/ Frame CD84 13 B
38 B 9ms
9ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v918973...
adservice.google.com/ddm/fls/z/ Frame 9903 42 B
63 B 48ms
47ms Image
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F

Requested by

Host: 12693547.fls.doubleclick.net
URL: https://12693547.fls.doubleclick.net/activityi;dc_pre=CKHtmMzt8owDFWg3ewcdsvcK4w;src=12693547;type=invmedia;cat=1009100;ord=3957912063805;npa=0;auiddc=457986581.1745572846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;dc_random=1745572847604;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://12693547.fls.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 09:20:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK beacon.html Show response
js.fout.jp/ Frame 5D48 9 KB
3 KB 35ms
7ms Document
text/html 23.42.117.131
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://js.fout.jp/beacon.html?from=dmp
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/segmentation.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.42.117.131 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-117-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2724d11992815bd94e9c2045ae99df34478108c76aef64051f32492301e5c646

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=390
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3008
Content-Type: text/html
Date: Fri, 25 Apr 2025 09:20:48 GMT
ETag: "67b3f45f-2431"
Expires: Fri, 25 Apr 2025 09:27:18 GMT
Last-Modified: Tue, 18 Feb 2025 02:45:51 GMT
P3P: CP="ADM NOI OUR"
Server: nginx
Vary: Accept-Encoding

GET
H2 200 sync
x.bidswitch.net/ Frame 95A8 43 B
92 B 15ms
8ms Image
image/gif 35.213.7.90
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Jppt2yjqRW9ciezBer7_pVf-bSkCkUzRXodiRg&expires=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.7.90 Tokyo, Japan, ASN19527 (GOOGLE-2, US),
Reverse DNS: 90.7.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 95A8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-gKpqjijqRW9ciezBer7_pVf-bSlxnavaWENJGA&google_cm&google_hm=ay1nS3BxamlqcVJXOWNpZXpCZXI3X3BWZi1iU2x4bmF2Y...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gKpqjijqRW9ciezBer7_pVf-bSlxnavaWENJGA&google_gid=CAESEMM4xQWrRcB_PPX4jrVJEhI&google_cver=1&google_ula=913071,0

43 B
718 B

10ms
5ms

Image
image/gif

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gKpqjijqRW9ciezBer7_pVf-bSlxnavaWENJGA&google_gid=CAESEMM4xQWrRcB_PPX4jrVJEhI&google_cver=1&google_ula=913071,0

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1608088
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gKpqjijqRW9ciezBer7_pVf-bSlxnavaWENJGA&google_gid=CAESEMM4xQWrRcB_PPX4jrVJEhI&google_cver=1&google_ula=913071,0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 398
date: Fri, 25 Apr 2025 09:20:48 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 95A8
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1847495480127324161

43 B
715 B

4ms
4ms

Image
image/gif

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1847495480127324161

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1356028
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1847495480127324161
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.221; 146.70.201.221; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 975d9432-30ee-47fc-9fd4-3ee0d2f63867
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 25 Apr 2025 09:20:48 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame 95A8 43 B
925 B 90ms
85ms Image
image/gif 124.146.153.167
INFOSPHERE NTT PC...

General

Check archive.org

Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-PLWXvyjqRW9ciezBer7_pVf-bSmxu-r7uqYMqA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.153.167 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

X-SO-LB-Hostname: m-ng8.dc4p.scaleout.jp
P3P: CP="See also http://www.scaleout.jp/privacy/"
Date: Fri, 25 Apr 2025 09:20:48 GMT
Content-Type: image/gif
Cache-Control: private
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad1052
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-PLWXvyjqRW9ciezBer7_pVf-bSmxu-r7uqYMqA","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.221","key":"aAtT78Co8GsAAETDzLIAAAAA","privacy_sensitive":false,"uid":"aAtT78Co8GsAAETDzLIAAAAA","upstream_id":"m-ad1052"}
X-SO-HostName: m-ad1052.dc4p.scaleout.jp
Connection: keep-alive
X-SO-IP: 146.70.201.221
X-SO-Key: aAtT78Co8GsAAETDzLIAAAAA
Content-Length: 43
X-SO-Ads-Time: 81
X-SO-UID: aAtT78Co8GsAAETDzLIAAAAA
Server: nginx

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame 95A8 42 B
633 B 18ms
4ms Image
image/gif 18.172.52.116
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-WYDAQSjqRW9ciezBer7_pVf-bSlTZy31CRzT9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.52.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-52-116.nrt20.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: vfINmbcRt1_BhDVJsSC-R7VFI5DU7Tytex4cvQfq4zJKxOHzTqeA1w==
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
via: 1.1 f02d017424157050c47c7df93be43466.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 42
x-xss-protection: 0
x-amz-cf-pop: NRT20-P2

GET
H3 200 rum
r.casalemedia.com/ Frame 95A8 43 B
760 B 35ms
28ms Image
image/gif 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3wzezyjqRW9ciezBer7_pVf-bSlTTQD0cva6Pg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICSAB%2FPUgkfihP%2FBnonBcfUE1L8EqZgT%2F3QhY67HpaC4CWyQgYVI7DWA%2Fjg4FIKmtxXj%2BTN21%2B9%2Fg9righzuEWbAgEYVYi%2F4ovzFx4G6Y1%2BVz4GKU5bcoKPT2TmDjinXsVv%2F"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 935cc43c18b8e005-NRT
content-length: 43
server: cloudflare

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame 95A8 42 B
438 B 205ms
152ms Image
image/gif 35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-A6y7KCjqRW9ciezBer7_pVf-bSnqRJ5yWOk-FQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 42
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 95A8 86 B
650 B 266ms
116ms Image
image/gif 23.222.96.30
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-R2X9RijqRW9ciezBer7_pVf-bSmadREjtOX1lQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.96.30 Auckland, New Zealand, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-96-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
expires: Fri, 25 Apr 2025 09:20:48 GMT
x-mnet-hl2: E
alt-svc: h3=":443"; ma=93600
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length: 86
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif
server: Apache

GET
H2 200 c.gif
c.bing.com/ Frame 95A8 42 B
504 B 29ms
22ms Image
image/gif 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-on0LdijqRW9ciezBer7_pVf-bSmrQOVA0IMhXQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "9def19a40b5db1:0"
x-msedge-ref: Ref A: 8A67ACB692544CFB8B59E9C5C990CC52 Ref B: TYO201151003025 Ref C: 2025-04-25T09:20:48Z
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 42
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
last-modified: Thu, 24 Apr 2025 17:40:58 GMT
x-powered-by: ASP.NET

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 95A8
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=o2whhl9hQnRkWXZKa1N3VFJqQXpoa2psZnFtZ01LeXEwUW01Y0xZaG42dDhRY1EwJTNE

43 B
495 B

198ms
4ms

Image
image/gif

35.78.131.249
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=o2whhl9hQnRkWXZKa1N3VFJqQXpoa2psZnFtZ01LeXEwUW01Y0xZaG42dDhRY1EwJTNE
Protocol: H2
Server: 35.78.131.249 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-131-249.ap-northeast-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: GET, OPTIONS
expires: 0
access-control-allow-origin: *
content-length: 43
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif
server: AAWebServer
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=o2whhl9hQnRkWXZKa1N3VFJqQXpoa2psZnFtZ01LeXEwUW01Y0xZaG42dDhRY1EwJTNE
content-length: 0
date: Fri, 25 Apr 2025 09:20:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 769677

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 95A8 0
360 B 226ms
83ms Image
text/plain 172.188.170.32
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-kLeLuijqRW9ciezBer7_pVf-bSlDRD_sBFg6hw&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

172.188.170.32 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Fri, 25 Apr 2025 09:20:48 GMT
x-traceid: 4c55fca3e32460eb2c1441d44a633607

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 95A8 0
225 B 16ms
4ms Image
text/html 207.65.34.80
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-WXxGiijqRW9ciezBer7_pVf-bSlrIhS0gMWyyg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 95A8 42 B
1 KB 317ms
82ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-OhJLZSjqRW9ciezBer7_pVf-bSmOxtc0BZ6B7A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: d264e84c9dc1a645a3048554992c5d82
Pragma: no-cache
content-length: 42
Content-Type: image/gif

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 95A8 43 B
587 B 336ms
86ms Image
image/gif 23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-CCC0SyjqRW9ciezBer7_pVf-bSknMwOfbEr9OA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Fri, 25 Apr 2025 09:20:47 GMT
pragma: no-cache
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 95A8 0
375 B 259ms
53ms Image
text/plain 141.226.231.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-M3mJ6yjqRW9ciezBer7_pVf-bSm3FA96iNy4Ng
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt: 51387
date: Fri, 25 Apr 2025 09:20:48 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 um
criteo-sync.teads.tv/ Frame 95A8 23 B
278 B 89ms
10ms Image
image/gif 23.48.117.105
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-DUGotSjqRW9ciezBer7_pVf-bSmGVdz7aLlZhA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.117.105 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-48-117-105.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires: Fri, 25 Apr 2025 09:20:48 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
pragma: no-cache
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif
server: pekko-http/1.0.1

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame 95A8 68 B
259 B 173ms
124ms Image
image/jpeg 2600:140b:1c00:38::1732:76b3
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-ngrudijqRW9ciezBer7_pVf-bSmIMNMGNgfjeA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1c00:38::1732:76b3 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 68
x-xss-protection: 1; mode=block
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/jpeg
server: Bhoot
x-upstream: 172.29.17.245:80
x-frame-options: sameorigin

GET
H2

200

xuid
eb2.3lift.com/ Frame 95A8
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-wEkIiCjqRW9ciezBer7_pVf-bSkA-IDSSQZ_sw&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-wEkIiCjqRW9ciezBer7_pVf-bSkA-IDSSQZ_sw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
476 B

74ms
73ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-wEkIiCjqRW9ciezBer7_pVf-bSkA-IDSSQZ_sw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: /xuid?ld=1&mid=2711&xuid=k-wEkIiCjqRW9ciezBer7_pVf-bSkA-IDSSQZ_sw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Fri, 25 Apr 2025 09:20:48 GMT

GET
H2 204 k-RvyGESjqRW9ciezBer7_pVf-bSnvVvuGw6H7Jg
sync.1rx.io/usersync/criteodsp/ Frame 95A8 0
99 B 261ms
86ms Image
text/plain 74.118.186.107
TURN-US-ASN

General

Check archive.org

Download Go to Show image

Full URL: https://sync.1rx.io/usersync/criteodsp/k-RvyGESjqRW9ciezBer7_pVf-bSnvVvuGw6H7Jg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
date: Fri, 25 Apr 2025 09:20:48 GMT
pragma: no-cache

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=63FAFEEAC20C4020B4A0372851777388&RedC=c.clarity.ms&MXFR=1C845E3899CE6B9C39874BE19DCE6550
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=63FAFEEAC20C4020B4A0372851777388&MUID=00B55D2EDA6F69290DC248F7DB3768CE

42 B
442 B

21ms
21ms

Image
image/gif

52.231.230.148
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=63FAFEEAC20C4020B4A0372851777388&MUID=00B55D2EDA6F69290DC248F7DB3768CE
Protocol: H2
Server: 52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "9def19a40b5db1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Fri, 25 Apr 2025 09:20:48 GMT
content-type: image/gif
last-modified: Thu, 24 Apr 2025 17:40:58 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=63FAFEEAC20C4020B4A0372851777388&MUID=00B55D2EDA6F69290DC248F7DB3768CE
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 649129AE7C09441BB2F5B47F07F4B6B5 Ref B: TYO201151003025 Ref C: 2025-04-25T09:20:48Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Fri, 25 Apr 2025 09:20:47 GMT
x-powered-by: ASP.NET

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 4427
Redirect Chain

https://insight.adsrvr.org/track/up?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1

983 B
971 B

24ms
19ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 9044f2b7896c5ff30175a5dd7d4d59668628bb4fd20f44d5b16efde9eb1c06db

Request headers

Referer: https://www.refa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 25 Apr 2025 09:20:48 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 40
date: Fri, 25 Apr 2025 09:20:48 GMT
location: https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
server: Kestrel

GET
H3 200 sd
jp-u.openx.net/w/1.0/ Frame 5D48 43 B
61 B 45ms
43ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072523&val=C7EHVDryxvAVK2euF67Js26-Mdg
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://js.fout.jp/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 146.70.201.221
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 25 Apr 2025 09:20:47 GMT
content-type: image/gif
vary: Accept

GET
H/1.1

200
OK

sync
sync.fout.jp/ Frame 5D48
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_cm&google_sc&from_google=pc2
https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=pc2&google_gid=CAESEJ1xCHqML5zNZm-D4tRoU6Q&google_cver=1

43 B
527 B

664ms
221ms

Image
image/gif

202.232.238.37
IIJ Internet Init...

General

Check archive.org

Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=pc2&google_gid=CAESEJ1xCHqML5zNZm-D4tRoU6Q&google_cver=1

Requested by

Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp

Protocol

HTTP/1.1

Server

202.232.238.37 Nishikichō, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://js.fout.jp/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15768000
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
P3P: CP="ADM NOI OUR"
Date: Fri, 25 Apr 2025 09:20:48 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

cache-control: no-cache, must-revalidate
location: https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=pc2&google_gid=CAESEJ1xCHqML5zNZm-D4tRoU6Q&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 331
date: Fri, 25 Apr 2025 09:20:48 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H/1.1

200
OK

report
sync.fout.jp/ Frame 5D48
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=freakout&from_google=pc3&google_hm=QzdFSFZEcnl4dkFWSzJldUY2N0pzMjYtTWRn
https://sync.fout.jp/report?xid=googleadex&from_google=pc3

43 B
285 B

671ms
222ms

Image
image/gif

202.232.238.37
IIJ Internet Init...

General

Check archive.org

Download Go to Show image

Full URL: https://sync.fout.jp/report?xid=googleadex&from_google=pc3
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: HTTP/1.1
Server: 202.232.238.37 Nishikichō, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://js.fout.jp/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Fri, 25 Apr 2025 09:20:48 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

Redirect headers

cache-control: no-cache, must-revalidate
location: https://sync.fout.jp/report?xid=googleadex&from_google=pc3
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 259
date: Fri, 25 Apr 2025 09:20:48 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 setuid
secure.adnxs.com/ Frame 5D48 43 B
1 KB 152ms
72ms Image
image/gif 103.43.90.178
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=125&code=C7EHVDryxvAVK2euF67Js26-Mdg

Requested by

Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://js.fout.jp/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 146.70.201.221; 146.70.201.221; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: d187ccaf-9858-4cff-b8f9-a9e7a92eb05b
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 25 Apr 2025 09:20:48 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 5D48 42 B
1 KB 88ms
86ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=59910&nid=3504&put=C7EHVDryxvAVK2euF67Js26-Mdg
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://js.fout.jp/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: da1c8a4a3f9301c03fbeb7a6212a0a54
Pragma: no-cache
content-length: 42
Content-Type: image/gif

GET
H/1.1

200
OK

sync
sync.fout.jp/ Frame 5D48
Redirect Chain

https://ssp-sync.i-mobile.co.jp/sync.ashx?dspid=5
https://sync.fout.jp/sync?xid=imobile&uid=ece6136a-06ea-41ce-8a99-d87e50b0a1d2&sync_status=1

43 B
527 B

657ms
221ms

Image
image/gif

202.232.238.37
IIJ Internet Init...

General

Check archive.org

Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=imobile&uid=ece6136a-06ea-41ce-8a99-d87e50b0a1d2&sync_status=1

Requested by

Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp

Protocol

HTTP/1.1

Server

202.232.238.37 Nishikichō, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://js.fout.jp/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15768000
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
P3P: CP="ADM NOI OUR"
Date: Fri, 25 Apr 2025 09:20:48 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Cache-Control: private
Location: https://sync.fout.jp/sync?xid=imobile&uid=ece6136a-06ea-41ce-8a99-d87e50b0a1d2&sync_status=1
Connection: keep-alive
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Length: 0
Date: Fri, 25 Apr 2025 09:20:48 GMT
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 5D48 0
74 B 6ms
5ms Image
text/html 207.65.34.80
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwOTcmdGw9NDMyMDA=&piggybackCookie=C7EHVDryxvAVK2euF67Js26-Mdg
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://js.fout.jp/

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Fri, 25 Apr 2025 09:20:39 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 4427 422 B
934 B 13ms
4ms Script
application/javascript 3.165.18.96
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.18.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-18-96.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://match.adsrvr.org/

Response headers

ETag: "4e7de5ca0248ffa6216174e643f3112d"
Age: 6887
Connection: keep-alive
Via: 1.1 9d5c79373645427ea46c82face54e1cc.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 422
X-Amz-Cf-Id: R_wNcFAwKcvAXmDbneO9ObMakbjQVfWwGFCr49Sj-uamI9-voHPtpw==
Date: Fri, 25 Apr 2025 07:26:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Apr 2025 07:23:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: NRT12-P4
x-amz-server-side-encryption: AES256

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame 9C6A
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3936ce3b-14a6-4d37-b242-8306730474ef&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
468 B

17ms
17ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-length: 70
content-type: image/gif
date: Fri, 25 Apr 2025 09:20:48 GMT
server: Kestrel

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
content-length: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 3D6E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzkzNmNlM2ItMTRhNi00ZDM3LWIyNDItODMwNjczMDQ3NGVm&gdpr=0&gdpr_consent=&ttd_tdid=3936ce3b-14a6-4d37-b242-83067...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3936ce3b-14a6-4d37-b242-8306730474ef&google_gid=CAESEHedRWp3YAkfv8W8klFK71s&google_cver=1

70 B
467 B

19ms
18ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3936ce3b-14a6-4d37-b242-8306730474ef&google_gid=CAESEHedRWp3YAkfv8W8klFK71s&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-length: 70
content-type: image/gif
date: Fri, 25 Apr 2025 09:20:48 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 09:20:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3936ce3b-14a6-4d37-b242-8306730474ef&google_gid=CAESEHedRWp3YAkfv8W8klFK71s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame C4B5
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=3936ce3b-14a6-4d37-b242-8306730474ef&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
467 B

17ms
17ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-length: 70
content-type: image/gif
date: Fri, 25 Apr 2025 09:20:48 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 25 Apr 2025 09:20:48 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
via: 1.1 google

GET
H2 200 setuid
ib.adnxs.com/ Frame 95A8 43 B
1 KB 69ms
69ms Image
image/gif 103.43.90.21
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-SSwALyjqRW9ciezBer7_pVf-bSksbGRK-b8aTg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 146.70.201.221; 146.70.201.221; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: d19aa802-d116-40ad-b1f9-a26dea330d03
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 25 Apr 2025 09:20:48 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
276 B 190ms
189ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.refa.net/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://www.refa.net
Date: Fri, 25 Apr 2025 09:20:48 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 favicon.ico
www.refa.net/ 32 KB
33 KB 6ms
5ms Other
image/vnd.microsoft.icon 18.179.98.218
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://www.refa.net/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

749833df9eeeac4b6e5b7eac5f5eb02318917e242440bb3b06536e09acc84a71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.refa.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.my.soasc.net;
etag: "80dc-59df9822da400"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 32988
date: Fri, 25 Apr 2025 09:20:48 GMT
x-xss-protection: 1; mode=block
content-type: image/vnd.microsoft.icon
last-modified: Fri, 07 Feb 2020 10:04:00 GMT
server: Apache

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
276 B 159ms
157ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.refa.net/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://www.refa.net
Date: Fri, 25 Apr 2025 09:20:50 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
276 B 163ms
160ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.refa.net/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://www.refa.net
Date: Fri, 25 Apr 2025 09:20:55 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

107 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.refa.net/	1970-01-21 04:54:19	Name: ReFaCN Value: repeat
.refa.net/	1970-01-21 07:02:28	Name: _gcl_au Value: 1.1.457986581.1745572846
.refa.net/	1970-01-21 13:38:28	Name: _yjsu_yjad Value: 1745572846.18001034-f125-4ec5-aa0e-5cd89648fc26
.criteo.com/	1970-01-21 14:14:28	Name: uid Value: 10d2438c-96c6-419d-a6cd-126442b35aa4
.criteo.com/	1970-01-21 14:14:28	Name: receive-cookie-deprecation Value: 1
.refa.net/	1970-01-21 04:54:19	Name: _gid Value: GA1.2.370160333.1745572847
.refa.net/	1970-01-21 04:52:52	Name: _gat_UA-66487979-1 Value: 1
.www.refa.net/	1970-01-21 14:28:52	Name: __lt__cid Value: a34a74ce-6468-4a21-9645-b1486f43d74a
.www.refa.net/	1970-01-21 04:52:54	Name: __lt__sid Value: ba227365-ca989118
.ladsp.com/	1970-01-21 04:52:56	Name: cr Value: 1
.refa.net/	1970-01-21 07:02:28	Name: _fbp Value: fb.1.1745572846697.921218279429259436
.yahoo.co.jp/	1970-01-21 13:38:28	Name: XA Value: 0r0ppchk0mkve&sd=A&t=1745572846&u=1745572846&v=1
.yahoo.co.jp/	1970-01-21 14:28:52	Name: XB Value: 9212f42e-21b6-11f0-821e-4934fceaf088&v=6&u=1745572846&s=pi
.line.me/	1970-01-21 14:28:52	Name: _ldbrbid Value: tr__k1y/XGgLU+6c6kDJcNhyAg==
.ladsp.com/	1970-01-21 14:28:52	Name: smn_uid Value: aHnnB9ex6j8AhC26OfCsjCiQnEtWVtc
.ladsp.com/	1970-01-21 05:36:04	Name: receive-cookie-deprecation Value: 1
.refa.net/	1970-01-21 14:28:52	Name: _ga_3QN5BHV6QK Value: GS1.1.1745572846.1.0.1745572846.60.0.0
.refa.net/	1970-01-21 14:28:52	Name: _ga Value: GA1.1.1419763608.1745572847
.refa.net/	1970-01-21 13:38:28	Name: utag_main Value: v_id:01966c3fdcbf0065c79da5b792dc05065001505d00b08$_sn:1$_se:1$_ss:1$_st:1745574646784$ses_id:1745572846784%3Bexp-session$_pn:1%3Bexp-session
.refa.net/	1970-01-21 14:22:16	Name: cto_bundle Value: fXNwX196ZEJ2ZXFWUjU5ejJ3ZjlNWjZYRHhFWUg4S0FXdCUyQmg1azZoWGp4SUtKSWZMbEtEanNnSFJhdFNsJTJGNENueVZ6ZDIzSm55JTJGVyUyQkUlMkZJakZ0cUFsSXFwWmNqJTJGcjVLNjk0SmExR3JtNlMlMkZpbzNrOXhUUWdPb1YlMkZoYVdoTXRPejJ0JTJGQWFyRGV0aEJGQUNibGNYU3I3TVdybnclM0QlM0Q
.t.co/	1970-01-21 14:28:52	Name: muc_ads Value: ff9a77ea-df90-4e22-8763-529ce421fd9e
.t.co/	1970-01-21 04:52:54	Name: __cf_bm Value: 7IfAmxcrLRBGAOkdTQcmIqN2SylAOfOD.lUzH_SKaPc-1745572846-1.0.1.1-lm1tbUePwSGTftJNy.c5rWudHj6G_MngFXSJVuF_ovTY0XND24BkZne5BLbC.dTVIOZ9o1XC4RwTntWVhlcByV2vpNQ7M_t99oDCSB5fkCA
.ladsp.com/	1970-01-21 14:28:52	Name: lum Value: CMu6_-HmMhIFCAEQqAESBQgZEMABEgQIDRB4EgIIDhICCCoSBQgDEPABEgIICxICCA8SAggQEgIIERICCBQSAggbEgIIHBICCB4SAgggEgIIIhICCCsSBQgKEJAN
.twitter.com/	1970-01-21 14:28:52	Name: personalization_id Value: "v1_K/Knm8/mVCl2K8B0ZvrqYw=="
.twitter.com/	1970-01-21 04:52:54	Name: __cf_bm Value: d.Y_p6h3vrwx7bb9JD1ypmnjr7ZsMglwHLZ0ieM1ZaU-1745572846-1.0.1.1-5mlJ90ZWeplEEo3xT0i1yNXbXAk6SFblMOyW4BhoYNNAlNFbqQgNWZO7hhqdhS5Bicil5aJmje_JrCqtiZUz6mkEQziAvewq54zUJCjBuok
.doubleclick.net/	1970-01-21 14:28:52	Name: IDE Value: AHWqTUkxdLFerT5APechJ9CGpAXZzUqQl_gOVdcBPe6n6DhYqT3fRM2jHA2LVMXe
.ladsp.com/	1970-01-21 05:13:02	Name: tpc Value: 1745572847&mTxrsbcXjcbp0Lne4Pwl2g&
.openx.net/	1970-01-21 13:38:28	Name: i Value: ad18ab32-bf87-4411-9515-d8bcd7ca21bf\|1745572847
.im-apps.net/	1970-01-21 09:12:04	Name: receive-cookie-deprecation Value: 1
.adingo.jp/	1970-01-21 05:36:04	Name: logicad Value: AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dYA
.ad-stir.com/	1970-01-21 13:38:28	Name: uid Value: 8989abb1-66f5-478b-8f90-559901c56fde
.ad-stir.com/	1970-01-21 05:13:02	Name: d20 Value: AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dSw
.refa.net/	1970-01-21 04:54:19	Name: _uetsid Value: 924feb0021b611f0a4add7728e51d341
.refa.net/	1970-01-21 14:14:28	Name: _uetvid Value: 924ff13021b611f0ba03b1ba71961c85
.im-apps.net/	1970-01-21 14:28:52	Name: imid_created_secure Value: 1745572847
.bat.bing.com/	1970-01-21 05:02:57	Name: MR Value: 0
.sp.gmossp-sp.jp/	1970-01-21 14:28:52	Name: deviceIdentifier Value: R4L1ISXwNx2Cutvk
.gmossp-sp.jp/	1970-01-21 14:28:52	Name: dsp_logicad Value: AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dbA
.popin.cc/	1970-01-21 14:28:52	Name: piuid Value: b5013db31dc84d3e92595f902d75397b
.popin.cc/	1970-01-21 06:19:16	Name: p_logicad Value: AUdtwyr5jO_Cks8AKJCcS1ZW188AAAGWbD_dbg
.adn.caprofitx.com/	1970-01-21 13:39:01	Name: pfxid Value: 01a145b2-6829-4348-970e-e0b7ef26906e
.adn.caprofitx.com/	1970-01-21 13:39:01	Name: pfxids_logicad Value: eyJpZCI6IkFVZHR3eXI1ak9fQ2tzOEFLSkNjUzFaVzE4OEFBQUdXYkRfZFp3IiwidXBkYXRlZEF0IjoiMjAyNS0wNC0yNVQwOToyMDo0Ny4xNjBaIn0
.bing.com/	1970-01-21 14:14:28	Name: MUID Value: 00B55D2EDA6F69290DC248F7DB3768CE
.socdm.com/	1970-01-21 14:28:52	Name: SOC Value: aAtT78Co8GsAAETDzLIAAAAA
.adtdp.com/	1970-01-21 13:38:28	Name: uid Value: d1f5a122-7d10-4091-81d6-10ec9d734aa7
.adtdp.com/	1970-01-21 13:38:28	Name: pr Value: aja
.im-apps.net/	1970-01-21 14:28:52	Name: imid_secure Value: wis-7bKtTxqxrA5QtkblQg
.bidswitch.net/	1970-01-21 13:38:28	Name: tuuid Value: 59a64a89-ce73-4936-a30a-d8de712ecf9e
.bidswitch.net/	1970-01-21 13:38:28	Name: c Value: 1745572847
.bidswitch.net/	1970-01-21 13:38:28	Name: tuuid_lu Value: 1745572847
.fout.jp/	1970-01-21 14:28:52	Name: receive-cookie-deprecation Value: 1
.fout.jp/	1970-01-21 14:28:52	Name: uid Value: C7EHVDryxvAVK2euF67Js26-Mdg
www.clarity.ms/	1970-01-21 13:38:28	Name: CLID Value: 37dc2c74a2cf4b0b921c64e3a05f1788.20250425.20260425
.doubleclick.net/	1970-01-21 09:12:04	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 07:02:28	Name: XANDR_PANID Value: KJ2CCUlheL_UPtSK3h8NWbo4zbkHN3Id_ncEvy3AJWiDPqlV8oldtRuuym3oyolVmpQ_x6nhYjtrUMobrs82Wdv_Vvo6LOyEYaZyg42i8Lo.
.adnxs.com/	1970-01-21 07:02:28	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 07:02:28	Name: uuid2 Value: 1847495480127324161
.taboola.com/	1970-01-21 13:38:28	Name: t_gid Value: d6a5662c-4784-483e-b671-650a08dfad0b-tuctf04d96f
.taboola.com/	1970-01-21 13:38:28	Name: t_pt_gid Value: d6a5662c-4784-483e-b671-650a08dfad0b-tuctf04d96f
.refa.net/	1970-01-21 13:38:28	Name: _clck Value: 1jcmsp4%7C2%7Cfvd%7C0%7C1941
.impact-ad.jp/	1970-01-21 13:38:28	Name: tuuid Value: b0d6ecba-bd88-440f-9389-f27c3fcf9852
.impact-ad.jp/	1970-01-21 13:38:28	Name: c Value: 1745572847
.impact-ad.jp/	1970-01-21 13:38:28	Name: tuuid_lu Value: 1745572847
y.one.impact-ad.jp/	1970-01-21 13:38:28	Name: cmt Value: !105=59a64a89-ce73-4936-a30a-d8de712ecf9e=1=517407647=514815647
.rubiconproject.com/	1970-01-21 13:38:28	Name: khaos Value: M9WL055L-15-FXEG
.rubiconproject.com/	1970-01-21 13:38:28	Name: khaos_p Value: M9WL055L-15-FXEG
.rubiconproject.com/	1970-01-21 07:02:28	Name: receive-cookie-deprecation Value: 1
www.refa.net/	1970-01-21 14:18:48	Name: _im_id.1012284 Value: e8e77bbe0db27408.1745572847.
www.refa.net/	1970-01-21 04:52:54	Name: _im_ses.1012284 Value: 1
.ad-stir.com/	1970-01-21 13:38:28	Name: bpmkv Value: 1
.send.microad.jp/	1970-01-21 07:02:28	Name: TR Value: f408310996754ee3b4a8bbfdb7c01eab954f73627da63725
.gmossp-sp.jp/	1970-01-21 14:28:52	Name: dsp_bypass Value: 8989abb1-66f5-478b-8f90-559901c56fde
.impact-ad.jp/	1970-01-21 05:13:02	Name: psm Value: 0
.casalemedia.com/	1970-01-21 13:38:28	Name: CMID Value: aAtT724sBycAMSgLCAhWfgAA
.casalemedia.com/	1970-01-21 07:02:28	Name: CMPS Value: 5528
.casalemedia.com/	1970-01-21 07:02:28	Name: CMPRO Value: 5528
.doubleclick.net/	1970-01-21 05:36:04	Name: ar_debug Value: 1
.adn.caprofitx.com/	1970-01-21 13:39:01	Name: pfxids_bypass Value: eyJpZCI6Ijg5ODlhYmIxLTY2ZjUtNDc4Yi04ZjkwLTU1OTkwMWM1NmZkZSIsInVwZGF0ZWRBdCI6IjIwMjUtMDQtMjVUMDk6MjA6NDcuNzEzWiJ9
.ad-stir.com/	1970-01-21 05:13:02	Name: bpuids Value: "8,20011,11,14"
.ad-stir.com/	1970-01-21 05:13:02	Name: bpsfin Value: 1
.fout.jp/	1970-01-21 13:38:28	Name: lastW_mapping Value: 1745572848
.c.bing.com/	1970-01-21 05:02:57	Name: MR Value: 0
.adsrvr.org/	1970-01-21 13:38:28	Name: TDID Value: 3936ce3b-14a6-4d37-b242-8306730474ef
.i-mobile.co.jp/	1970-01-21 13:37:22	Name: xid Value: ece6136a-06ea-41ce-8a99-d87e50b0a1d2
.teads.tv/	1970-01-21 13:37:02	Name: tt_viewer Value: 579a81b0-f71b-4bbd-a16a-4dae25eaa96e
.refa.net/	1970-01-21 04:54:19	Name: _clsk Value: vcz0j6%7C1745572848133%7C1%7C1%7Ck.clarity.ms%2Fcollect
.rlcdn.com/	1970-01-21 13:38:28	Name: rlas3 Value: c6TSF2ejemaU3fE5g8andjFNSWRGQZrtifhGh2k7T1I=
.rlcdn.com/	1970-01-21 06:19:16	Name: pxrc Value: CAA=
.agkn.com/	1970-01-21 13:38:28	Name: ab Value: 0001%3AVnUuQCj%2B7msggQC06WBPS2Apt7BHBBzB
.criteo.com/	1970-01-21 14:14:28	Name: cto_bundle Value: 47JA1F9vOWRVSk4lMkZXaXBMeHkyUk1ZWFEwcmhaQkw4T0VacTBNN0N1ZUhReU05enhseXIlMkZWeTloVFBGNUtFMm0xQ21vWmxTVGNicW14JTJCRmFMUEUlMkZTQ3pTQzhDOVNPNmlOUXNlS1RJMElxJTJCQXJyZG9TOFF5T2VLTDRLNWl1ZmFMbjVwd2FqTlpYbUQ2YXh0V0ZTZnlSaUxENE9nJTNEJTNE
.adsrvr.org/	1970-01-21 13:38:28	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCLzqtPaP-YE-EAUSFQoGZ29vZ2xlEgsItsKj94_5gT4QBRIYCgliaWRzd2l0Y2gSCwj2wbX2j_mBPhAFGAUgAygDMgsIhMW3o6b5gT4QBUIPIg0IARIJCgV0aWVyMxABWgdqdWd5NmprYAE.
.media.net/	1970-01-21 13:38:28	Name: visitor-id Value: 3885744484400850000V10
.media.net/	1970-01-21 05:36:04	Name: data-c-ts Value: 1745572848
.media.net/	1970-01-21 05:36:04	Name: data-c Value: k-R2X9RijqRW9ciezBer7_pVf-bSmadREjtOX1lQ~~3
.adnxs.com/	1970-01-21 07:02:28	Name: anj Value: dTM7k!M40mh.v04ghqdmU(7T]v0.@D!]taT8i_j-exRW5##qMSi%3cffx/>hx-6dsDPKaI3FdH*dq1RE%SbLu</+OzUm_l)Ij6z1k/jAeD)N+Auw.^]fxLJprhpHL?L0iwow!8yT_rCfF)w_<EBa`cSyU8+[s-.V9hy6]/Cr+iaH8O34=6+[lgPqK`I=w.fC:3_28<(T67m2q7nlmif[eKF]yT?ONya!tNhToPDUOpZ
.c.bing.com/	1970-01-21 14:14:28	Name: SRM_B Value: 00B55D2EDA6F69290DC248F7DB3768CE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 14:14:28	Name: MUID Value: 00B55D2EDA6F69290DC248F7DB3768CE
.c.clarity.ms/	1970-01-21 05:02:57	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 04:52:53	Name: ANONCHK Value: 0
.rubiconproject.com/	1970-01-21 13:38:28	Name: audit_p Value: 1\|F2Fkn68BVUkulk1qS03zawWpGiEGll2Bg8Q7t7abOHDULEzLSiMGrbA6NB2Dn+ThztHXJ091DeMwHTRO1/p4iL+YuzCqzjSQgXr7nSTpjJ3Z6rMoVGSjxzI6m2GwvSZBJ/zZhUkskSikkpvnVflOG0pK7ZNketz4b3yKlwyIsxog1u3OEw5FU9APlTu0R9RN
.rubiconproject.com/	1970-01-21 13:38:28	Name: audit Value: 1\|F2Fkn68BVUkulk1qS03zawWpGiEGll2Bg8Q7t7abOHDULEzLSiMGrbA6NB2Dn+ThztHXJ091DeMwHTRO1/p4iL+YuzCqzjSQgXr7nSTpjJ3Z6rMoVGSjxzI6m2GwvSZBJ/zZhUkskSikkpvnVflOG0pK7ZNketz4b3yKlwyIsxog1u3OEw5FU9APlTu0R9RN
.smartadserver.com/	1970-01-21 07:02:28	Name: pid Value: 7695926000318173270
.smartadserver.com/	1970-01-21 14:23:07	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 05:36:04	Name: csync Value: 79:k-CCC0SyjqRW9ciezBer7_pVf-bSknMwOfbEr9OA
.3lift.com/	1970-01-21 07:02:28	Name: tluidp Value: 1985602518247664480894
.3lift.com/	1970-01-21 07:02:28	Name: tluid Value: 1985602518247664480894

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.refa.net/css/font/ProximaNova-Regular.otf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://cd.ladsp.com/script/pixel.js(Line 1) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 27) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://cs.gssprt.jp/yie/ld/cs?dspid=logicad&uid=Ab7ZOQs0F0VBks8AKJCcS1ZW1xw Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10707063.fls.doubleclick.net
12693547.fls.doubleclick.net
aa.agkn.com
ad.as.amanad.adtdp.com
ad.doubleclick.net
ade.clmbtech.com
adn.caprofitx.com
adservice.google.com
am.yahoo.co.jp
analytics.google.com
analytics.twitter.com
apm.yahoo.co.jp
atb.im-apps.net
b.im-apps.net
b6.im-apps.net
b92.yahoo.co.jp
b97.yahoo.co.jp
b99.yahoo.co.jp
bat.bing.com
bypass.ad-stir.com
c.bing.com
c.clarity.ms
cd.ladsp.com
cm.g.doubleclick.net
cnt.fout.jp
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
cs.gssprt.jp
d-cache.microad.jp
d.line-scdn.net
dis.criteo.com
discoveryplus.popin.cc
dmp.im-apps.net
dsum.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
jp-u.openx.net
js.adsrvr.org
js.fout.jp
k.clarity.ms
match.adsrvr.org
mug.criteo.com
partners.tremorhub.com
penta.a.one.impact-ad.jp
pixel.rubiconproject.com
px.ladsp.com
r.casalemedia.com
rtb-csync.smartadserver.com
s-cs.send.microad.jp
s.yimg.jp
s.yjtag.jp
secure.adnxs.com
simage2.pubmatic.com
sp.gmossp-sp.jp
ssl.socdm.com
sslwidget.criteo.com
ssp-sync.i-mobile.co.jp
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.1rx.io
sync.ad-stir.com
sync.fout.jp
sync.outbrain.com
sync.taboola.com
sync6.im-apps.net
t.co
tags.tiqcdn.com
taj1.ebis.ne.jp
td.doubleclick.net
tg.socdm.com
tr.line.me
u.openx.net
um.ladsp.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.refa.net
x.bidswitch.net
y.one.impact-ad.jp
103.43.90.178
103.43.90.21
104.18.27.193
107.178.248.96
119.63.198.176
124.146.153.165
124.146.153.167
124.83.184.124
13.114.11.148
138.113.138.164
141.226.231.48
142.250.196.98
142.250.199.102
142.250.207.2
142.250.207.6
142.251.222.2
142.251.222.38
142.251.42.162
142.251.42.195
142.251.42.200
147.92.191.92
15.197.193.217
157.240.31.35
157.240.31.5
162.159.140.229
172.175.38.6
172.188.170.32
172.217.31.163
172.66.0.227
18.172.30.90
18.172.52.116
18.172.52.72
18.177.234.21
18.179.98.218
182.161.74.11
182.161.74.16
182.22.30.204
199.232.148.157
2001:4860:4802:38::181
202.232.238.37
202.232.238.39
202.233.84.8
202.239.3.249
203.137.133.154
207.65.34.80
216.58.220.100
23.106.50.39
23.192.193.157
23.222.96.30
23.42.117.131
23.48.117.105
2404:6800:4004:80f::2002
2404:6800:4004:820::200a
2404:6800:4004:821::2008
2404:6800:4004:828::200e
2404:6800:4008:c15::9c
2406:2600:4::2e
2406:2600:4::b
2600:140b:1a00:23::173f:e91f
2600:140b:1c00:38::1732:76b3
2600:140b:6c00:48::1735:344
2600:1901:0:2dbc::
2600:1901:0:d706::
2600:1f10:4ce4:4a02:8a21:b52c:f946:1a6c
2600:9000:26ef:2a00:7:2bfb:7c00:93a1
2600:9000:2828:4200:1e:513c:d3c0:93a1
2620:1ec:33:1::10
2620:1ec:bdf::46
3.113.227.140
3.114.66.39
3.164.121.106
3.165.18.96
34.49.1.209
34.98.64.218
35.201.98.24
35.213.17.49
35.213.7.90
35.244.154.8
35.71.178.8
35.78.131.249
52.194.129.118
52.196.43.105
52.231.230.148
54.168.99.99
54.250.66.208
69.173.158.64
74.118.186.107
0096d793dbff0842ac166ca51051e699d149e88ded75cef3b6de664f9b7721ad
01148624e9caa337843d91978293481f0c48c8d635e98aee2939b095a54ad2c7
01f99487495f53d459f660fe19eb60fea5f9a42b075ef8e0cf230e50fef8f1f7
0270d21f63861850022a9551ce17deca43c794ef183e8e6e11aa5df0fe1c9eea
0a03387c46336ef65b37a33cac758afaddd1429bc3ea9c014cb135bb3b9aece8
0b98a19365222891ff6bdd5d467a71e5bd25b0cba2ea3733392c6f52bcb44ebf
0ba48dccf406bd820e3d57ae7f8ef8d9cb1297b831a842eed939312473b77fe9
0bfeb4995ea62040453ba709f72d8015acbbb94a10807e1a3388729e27c41235
0e0af92009f1fe0ff4d7e2a5a3629e7c4609ba49e27b8a9778137e48f9790fc5
0e3bcdd405be5082639213a43e713e0d6e8b801c37f6c0be7291f324b0853407
0e4f4ca9a9984bb66c83a3960717bf3a159ccd187c50f0454c1edc13e2f32c92
0f4d4af20dac5960594ba1a1739a87c175961bef8ea1de59f2a4acd4f706db66
0fe30326ace35e058a501d3a301a7930c82fd9fce3231478452f14fa2237403d
0fe79403b0da509e1489e4ee29a83825f876a00dfbd4a2a84374160008509566
112512dba86709f5330c91fbfce0b75fbbce56cdb5f25e7ccce6d5ba6b150519
1258bb21295d9c45518ff56df6fe0f297de6ba01307ac57b7d4062a89c826df5
12c6bd9c71c5c5973eee8b4847f96ba481838ebad0b6dba860c05386d535e841
13a3725a7a9cbb6cd31e31aaf38ded77543b8d3f80ecf0649fec2439def693e5
1506dbfcc6176e64a8d70331eac38af23119fe821581b490cbacb3b50042c133
15e30a5c383d667eb756f277e8d51975850eb00f0ad1b04ad157701f75d712bd
16fd28d7d50667ff6bbbe9fdca15d32116ec0c51e4e2fe9fbfddd5b50e0168a7
17be2466d262d98456527705c60616767ad6171734bf7a26933ce708afcf886f
18ac154fb54f049212fa32a410b2cc3ea2c54b468833815759646aadb531133e
1a2ad774c88495859f82aeeda6be27ff5d949f89e8607a0c23f452d1454d791f
1a2ce6cc85dfc81d5f8d383ff7ab1366eba6cc47cd90f1b13035474267d9e4aa
1cd9fbd562188e62f5cc582f1aa282277238efcfcd7d0a1bfdabedeb9805dd38
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23648a805757fe951690f36a2703fc44bed7446f27ab14002b755414eee79eb8
23b168d37d67d881829975f86b7c730f893a51cf337b0700cee1283c8c1d62d7
2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f
257f0e7d169fff1f3b74c7854791f36fd809cb06a5f499bbb5194619c0ab611a
2724d11992815bd94e9c2045ae99df34478108c76aef64051f32492301e5c646
28011ea8e672ce692536247bea4fce0eda0eda3edb71daa474974b0d7a3c64d9
28b2daaba34cf81a2cfcc1387f8b643970b99217d4bf38d81998f1881728d250
28fbbe396672899343f5a40b8d32c33d863bb7d266cd3cca08291790677e9f52
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b1569f169809d69310a339774c908c2ee095d2d90ce5f1464d922ef02ac474e
2caf72ed04f9de90d7ecb5fa23f95de7a1f977b19dfbb4bbe6e92765fe581b3e
2d1fa6b88df0daf228a506d6570e26fe40d3b48a60f024f27b5c407301049e9d
2e914ba245ff42449ed9ad8103d185ec7f8ddf5896a1b1a1b9c0a5427893c420
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3481c87254b9418fe5d1c0a6c33108a23109e41f0867c6118711e5cfa4345144
381b85b13b7e5349854d173bd4f107dcbcef218e36df352c417b8745be97500e
3856ad2d466bb48b721dd6ce633740f10d9a8f1175e04303e320692c80e65f00
3936ff1cbad23eb65b85d0541463a7dea57a2d49f30ed6408dc2b6c4280edc2c
3cb1d3b6a02a855c49562ee15c08f18cd35d00c2edc0f4931d84abcdd76b78d8
40f10ff64da9f0c2ef03317b611eee8fa8f181f7494cc4d0770fa476a8dd952d
415a145bd4c7403ac624e017365aab54cc22d70431d4c81d2f31d2bc89023d16
41a3a830e07e40cdbf135818a398d3b439a1b5e7a6d5b1e3c4112a06b5d63fb6
436ab6fd82a4947f0f0fe61f080cf60dd51c66bc2c201befaccaaaec19fdd2a7
44070a7cb5d5c616e215b0cc03ba5fe0c8185716f7efb4c6b7f7e6e3cfd93aae
440c00dc7b522ef7e41675fe03f07e21882d878294ffe6811bde503fdcb9afc4
44e8cb44cdd9eb6a4d4e3818aa820f39413552076ed701340672bbc9d2cd1c0b
47a1c22451364f6ae69bcc5fc506001e077c923b7b60e02d8715078457d45e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3b799ae3bb8f31107585d13a9445920d4d27d8f4fe080ad1a5c750e28f0122
4c70642b2f2405a01887ba7872c31b86e0e8c6b0d9919082d992e6ff493aa394
4cde44f4a6001baefb125113c0dc2c1ab127d26cd44b78d9b8cdd1d5955e3c6e
4cfb58b6ed297977f3cbdaa6f104ffa1a98dd7ef6afc32b9743e44204bee86cb
4d9bc12d794ed221ae1cbebbbeba7b267305c6dc94704412e6cfea0e156a5237
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f598cbac807f873d0d48a932391c8fe2ba795ac9a4102eabe6e0183cc12dbc4
4f9ae5d90f601466f0b2f62dbd41c201fe39b9586adb23f01387dd0a80c4069b
4fefb176157c6a3a8d8183ad9596a617f5d67c7d6f2b2840dbe0f6b533f4d43e
50a15fd8948b9cbbc75c65539420377625d99c59e77ecbfa6ead40d20a50f561
50c917f3539f19ccf47be4cba7a89195fe163b6e75be2004bd6bbad3c5c29c48
50d9d64a854b997824aeea5bd46b47a63b9136cde479e3cb977284ccbd7e27aa
521ffb719d3a151ff80f1d59ffa16a6fbf3c128828cbd66c717ae0c3f73758b9
524ee1e948aa16b1ffb35f80197d77a28d4a4709cdf17a24fc9c64353ba05766
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a6e3d48c01389588bed37b054d563d56b6b6fe980bc8e086148c80488df4fa
55f536d57e399a63e080c49d01c4f40735659098956fda72af1f8b592cc3688e
57139058a78a65e8099ea3d55f1b7fea110264e6841dfe13292dc18d0b905cdf
589dc9e3526bc771a26cd4f2f0e33785d14e061b9ecce3535065d9cd5c43e0af
59eb9a72a36b3ecad4a44d11d0b90d16397f07290d748d99025efd26cfe43599
5a9fc9a8f2f9175d67b30b0c5e2fd4bf0e1a89c3e7c26574c2d9be8d0728494b
5e6dd4c607bd4eb230bf6fd39bdccdd77337b06a314b8bb4631b724a1515428a
5fe36ac41d735e262ed03dfa258ad1c09ae6e73420f494e7c98380f3cdd133d3
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
620e2edae90690b19d7b21b68960830c0845ec6d564e078287fb4cd24c6d506e
665b7fa7318542e8161416bb89e4ff95b319f8fd758f7d6dff19e7154d9eb51c
67741fe2bd4e9b44e67da55f3fa7f2e039a908c89c3894fa0870e13c6a313e8f
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7056cadddfb827921163a97671f6e02142116e0dbcfe568208b63335a5ced7dd
749833df9eeeac4b6e5b7eac5f5eb02318917e242440bb3b06536e09acc84a71
74a8928649d9a790c33200230bcac1405bc83a4954fab1658994bd9d4a91b2ff
7537cf619819feb34e2ac57dbca05ff1584047440ce0c8fcfdc5bcd719536177
759043dafa55d63c0788faf5611e14607e598d740d5bc64ecc772d841014d04c
76f7ed1e950345347015644836dd7a02a7fbe5f31c6034c60b75f2d980bf965c
7bef66040637d065b8289d806d1460f78ec8a0fb462125cd554ce3f8ba333846
7e502c6085eb961bec751d36ee86be53ae7b90e0e716d0acefc1c4525abf4388
7fe86be91525d5927de41733152b8c071c3990ddabc653bcec70a89ca7276508
80517b8960156057b554b4d7e31939a44657ebef90c5ae7575810e85617d525c
80e13b96531319ca8b59d9debf3b7831000f277eeee39f51052986965d90d7d7
845b9a0b4351439241ee717d7d4c8aa54299fb5ef5abb23a4daae3f622469afe
84a7719cc023e5cf673789a34abc6c5368232304ee01ec830a319354d5adf101
8559dc3c81a4baadc15eefeea7401d0169b34d66b33b72ad074f40d651b1c759
8874e48a579600823ed18b028068ff8588dc63edea823cd83eca0b75674812e9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ebc6bfe7959d723e5a43241bd42371be02a7a7c0d922213b76e30d11f590a40
8ecd899b23b5480c354a38a0a3792aa8b267dd59c93a874d71993696b0a9dc57
9044f2b7896c5ff30175a5dd7d4d59668628bb4fd20f44d5b16efde9eb1c06db
90bd413f9a64c95501976df47ad94702efade170018846977d66a086aa97725f
95a6465b4150259acc5301f8bb35c3d4b453db3eb366ee8d8571c7f52fb2f9b9
96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada
96f76836380e6440d26a053b37d4a59de43d22c75c5924550eab6e7b45f45da7
9716b0b098b4f761d80f366829851c4ec50729f25d4a85c336cd715ddaf278e9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2be8e33b2d1ff981f8e2410479d1ab2f5aa23370a3ba91283ca273c3db63ba
9c7413f69684c3785ee0c59fde2a95c90ad749a0b71ed32d96e972be34bab627
9e1e55ca62eee0910dde7263a83c8689ab503fa39e55d469f087bd4da73aaa96
9e3a9103c80346b1b39bea3de46f44a462b3f594fa45e7206252bc41d7e3e855
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a322c36940ddfde2d4009e8e8d710c051d305f95a2b56b47875bde7f67cb46be
a91a0b9abba1fd929121fee0db6a068a3b733df621f6a337f5a7cfaadeb39cb4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab32d76d64ab36478d657f01c5e77e6526c8a6099c364aa0ecd7124621d41fdf
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac89958fd75e99eba92cdb3f927cce205bd05c2c6ffe643c4bf52ca6558d61b3
ad595d2bcb4a29c72749ff607de9852c23e4f80ef11b6dca780a21d5e8f65cea
ae5e551805001afa84d27b1400bb18071c12d9829345febb9357d54fb544265e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4fe853a4a242eb2611be36071d11446d5fa7ce6542173623d57d31cf4451edc
b52576e755de4b2d313277295d1151cb82093e51cdb0c3a80845f99ec898e1cc
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b730ea5162b85026d63b361b95025dc8766e58db7dcae31a8cc4ce1025bfae3a
b898272be45dff5dd67049c0178cac022a9d831a0c8f64b84fa9b26bcf5afd1a
ba485578d0039123c373e049537654a4463ec6539a5e150d1f33f447f9713dd9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc168df3e06eb5270ee21298056bd5b7f79c8716ff2cdb96545867ad6a24af1f
be2bce89bb5f2723be6c2a7815ac1723ad50487538967bd9e3bf760333e3bcad
bf9122f9db31ccdb893d0d475b22f5ae3686373ed845ec3aeb498231516f58e0
c196db22c9b04316ea703c62bfde5d7d23849746391241e6e4e7b6832f7616ae
c1f35a05b78d4d581914533d507f1abd3bf7351f7ff41f5f0d388d54e1bf5fb6
c38aa8e3a4697d31196a6ccdaa5959b8ded88268dec8b7b4556443d4b31f51e4
c7a98e7678733e7dd4eaa008a9b4c818c91e7a60f0f5cd1c8393eb558f329b46
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
c8ccbeb009c06056c4feb3e7789e7ec84cd42760012c996b4b8c8aa139926850
c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7
ca85d4a417a32bf646e74f6ddfd068a95dfafb72ade0b4200ce718f963f318dc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe7849253d80d10ecae686ee790fda42ccc1a826a9e5bbe9bb35c74fa03a5c3
d2d19470c6e6582fa8077412c42c7ae1b80aa298b80b97fb4eb4ec8b46ff7c75
d2e494cce0cb67fe795c1b218d34a107a0ccb73a8cbd1f592ce15e77f806e348
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d9a880dd8308875ac7208525acc75f7a58884df6921ad6b03bf05c7672741225
daf575d309cd103f22b4870a8bf90e7ec0cf5f03ea8f55658da64442ca64fd87
db18894477b9adf3bb7cbd717cd14cf77b18827fb6f57ca92b40a8e065ab7480
db7749bf28c50f07a15842bfe0d9a95fc6865c9d716ea99e27f581a5fe56f208
dcd2068d1d0e40a42043d396e3d60b1437f144965f57a1365dba3901a5c7d81d
dd395b69fadfc900533d5b4f4a5687f137da30b224b41b926d834f226469bd1c
de313643df0360a13d94fb9583114305bc3fd804ee4ce9df5d396a3c3d00200d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4f47c8c2395815559148bdb19dec5d4eb84e130e4639e00d915a82eb4680b4
de59b24ff3b0d08ea52d3a8ba27b98b01e49702e25cebaeca12641a678564325
e05338752c34f37afa6b777747eaa7f318fab14a51a8b6876543550db6512745
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e2f4ab919fb945d7759912286e53177d359d1fbaac2c03953e2cdbc71e1cce29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54dfffb54fe2288c3c8aabf1533f94cf08b08293341375deb1b8321516f34b7
e845d2306c78cf59b1821f3fc0316bc2081dad94029a4d98a487d2977e1e8a00
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
eccb869ac94b5913c7de835ba0755d6c4b09a26cc709d69f1f364141fcdc53bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef51d8df2feec3accfe9a5275a64def5d77465add4be0b9741c7ff0f6edca1df
ef71352e0a4b4b55774686c8bb9ad5783b33460c6dae197532b954f008379390
f0d8fe227ec2e803f9c176208dc047140089b580a8722b4c17d64eece8eb41b5
f2a6463de97e090de322b1f61620101c0fe90806e87052af3ddc1151dfa7d212
f693f116ace8ff34b15f0c907bd75a41d85a9dc2d1b2de39aeba00460624f8ed
f9dba462d380b6ca44cf58feec02c6627e82baba075ec698722053efca925b19
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2
faaaa20ec2e395dc630c7d9019688df002cb00744f4fff1f4e3f901eaedecf5f
fc4969afcf1d9804f4f899a6f975b31bfb66408bc7fd43404c6172dc5f79994e
fea2eb260146bdad234decd71e009965911fe9bf6f1f09afeb0f39a80b68866b
feed403f04d7db028b34eabf56c867808451f44bcb2cdb4443338148d9d34b41
ff25a3558bfc76f1e6aecb41b5063f2c6c02d79d5a7f93c2703474dd7ffdb229

www.refa.net Open in urlscan Pro 18.179.98.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

274 Requests

93 %HTTPS

21 %IPv6

57 Domains

93 Subdomains

83 IPs

12 Countries

10600 kBTransfer

14169 kBSize

107 Cookies

9 Outgoing links

Page URL History

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.refa.net Open in urlscan Pro
18.179.98.218 Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

93 %
HTTPS

21 %
IPv6

57
Domains

93
Subdomains

83
IPs

12
Countries

10600 kB
Transfer

14169 kB
Size

107
Cookies

274 HTTP transactions
0 data transactions